Public bug reported:
BugLink: https://bugs.launchpad.net/bugs/2157545
[Impact]
Microsoft has requested a backport of an upstream commit that fixes an
out-of-bounds access in mana_hwc_rx_event_handler().
[Fix]
Backport the following upstream commit to all Azure kernels > 5.15:
b809d0409991: "net: mana: validate rx_req_idx to prevent out-of-bounds array
access"
[Test Plan]
Compile + boot tested, Microsoft to run further validation on their
side.
[Regression potential]
This patch is isolated to the MANA driver, thus having a low regression
potential; although it shouldn't cause any issues, regressions here
might manifest as performance degradation or crashes in the MANA driver.
[Other info]
SF#00439438
** Affects: linux-azure (Ubuntu)
Importance: High
Assignee: Vinicius Peixoto (vpeixoto)
Status: In Progress
** Affects: linux-azure (Ubuntu Jammy)
Importance: High
Assignee: Vinicius Peixoto (vpeixoto)
Status: In Progress
** Affects: linux-azure (Ubuntu Noble)
Importance: High
Assignee: Vinicius Peixoto (vpeixoto)
Status: In Progress
** Affects: linux-azure (Ubuntu Questing)
Importance: High
Assignee: Vinicius Peixoto (vpeixoto)
Status: In Progress
** Affects: linux-azure (Ubuntu Resolute)
Importance: High
Assignee: Vinicius Peixoto (vpeixoto)
Status: In Progress
** Also affects: linux-azure (Ubuntu Jammy)
Importance: Undecided
Status: New
** Also affects: linux-azure (Ubuntu Questing)
Importance: Undecided
Status: New
** Also affects: linux-azure (Ubuntu Resolute)
Importance: Undecided
Status: New
** Also affects: linux-azure (Ubuntu Noble)
Importance: Undecided
Status: New
** Changed in: linux-azure (Ubuntu)
Status: New => In Progress
** Changed in: linux-azure (Ubuntu Jammy)
Status: New => In Progress
** Changed in: linux-azure (Ubuntu Noble)
Status: New => In Progress
** Changed in: linux-azure (Ubuntu Questing)
Status: New => In Progress
** Changed in: linux-azure (Ubuntu Resolute)
Status: New => In Progress
** Changed in: linux-azure (Ubuntu)
Importance: Undecided => High
** Changed in: linux-azure (Ubuntu Jammy)
Importance: Undecided => High
** Changed in: linux-azure (Ubuntu Questing)
Importance: Undecided => High
** Changed in: linux-azure (Ubuntu Noble)
Importance: Undecided => High
** Changed in: linux-azure (Ubuntu)
Assignee: (unassigned) => Vinicius Peixoto (vpeixoto)
** Changed in: linux-azure (Ubuntu Questing)
Assignee: (unassigned) => Vinicius Peixoto (vpeixoto)
** Changed in: linux-azure (Ubuntu Resolute)
Assignee: (unassigned) => Vinicius Peixoto (vpeixoto)
** Changed in: linux-azure (Ubuntu Resolute)
Importance: Undecided => High
** Changed in: linux-azure (Ubuntu Jammy)
Assignee: (unassigned) => Vinicius Peixoto (vpeixoto)
** Changed in: linux-azure (Ubuntu Noble)
Assignee: (unassigned) => Vinicius Peixoto (vpeixoto)
** Description changed:
- SRU Justification
+ BugLink: https://bugs.launchpad.net/bugs/2157545
[Impact]
Microsoft has requested a backport of an upstream commit that fixes an
out-of-bounds access in mana_hwc_rx_event_handler().
[Fix]
Backport the following upstream commit to all Azure kernels > 5.15:
b809d0409991: "net: mana: validate rx_req_idx to prevent out-of-bounds array
access"
[Test Plan]
Compile + boot tested, Microsoft to run further validation on their
side.
[Regression potential]
This patch is isolated to the MANA driver, thus having a low regression
potential; although it shouldn't cause any issues, regressions here
might manifest as performance degradation or crashes in the MANA driver.
[Other info]
SF#00439438
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/2157545
Title:
azure: backport "net: mana: validate rx_req_idx to prevent out-of-
bounds array access"
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux-azure/+bug/2157545/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
