* CVE-2023-3090
- ipvlan:Fix out-of-bounds caused by unclear skb->cb
* CVE-2023-3269
- mm: introduce new 'lock_mm_and_find_vma()' page fault helper
- mm: make the page fault mmap locking killable
- arm64/mm: Convert to using lock_mm_and_find_vma()
- powerpc/mm: Convert to using lock_mm_and_find_vma()
- mips/mm: Convert to using lock_mm_and_find_vma()
- riscv/mm: Convert to using lock_mm_and_find_vma()
- arm/mm: Convert to using lock_mm_and_find_vma()
- mm/fault: convert remaining simple cases to lock_mm_and_find_vma()
- powerpc/mm: convert coprocessor fault to lock_mm_and_find_vma()
- mm: make find_extend_vma() fail if write lock not held
- execve: expand new process stack manually ahead of time
- mm: always expand the stack with the mmap write lock held
- [CONFIG]: Set CONFIG_LOCK_MM_AND_FIND_VMA
-- Thadeu Lima de Souza Cascardo <email address hidden> Mon, 10 Jul 2023 17:25:47 -0300
This bug was fixed in the package linux - 6.2.0-26.26
---------------
linux (6.2.0-26.26) lunar; urgency=medium
* lunar/linux: 6.2.0-26.26 -proposed tracker (LP: #2026753)
* CVE-2023-2640 // CVE-2023-32629 do_(set| remove) xattr" overlayfs. * xattrs"
- Revert "UBUNTU: SAUCE: overlayfs: handle idmapped mounts in
ovl_
- Revert "UBUNTU: SAUCE: overlayfs: Skip permission checking for
trusted.
- SAUCE: overlayfs: default to userxattr when mounted from non initial user
namespace
* CVE-2023-35001
- netfilter: nf_tables: prevent OOB access in nft_byteorder_eval
* CVE-2023-31248
- netfilter: nf_tables: do not ignore genmask when looking up chain by id
* CVE-2023-3389
- io_uring/poll: serialize poll linked timer start with poll removal
* CVE-2023-3390
- netfilter: nf_tables: incorrect error path handling with NFT_MSG_NEWRULE
* CVE-2023-3090
- ipvlan:Fix out-of-bounds caused by unclear skb->cb
* CVE-2023-3269 and_find_ vma()' page fault helper and_find_ vma() and_find_ vma() and_find_ vma() and_find_ vma() and_find_ vma() and_find_ vma() and_find_ vma() LOCK_MM_ AND_FIND_ VMA
- mm: introduce new 'lock_mm_
- mm: make the page fault mmap locking killable
- arm64/mm: Convert to using lock_mm_
- powerpc/mm: Convert to using lock_mm_
- mips/mm: Convert to using lock_mm_
- riscv/mm: Convert to using lock_mm_
- arm/mm: Convert to using lock_mm_
- mm/fault: convert remaining simple cases to lock_mm_
- powerpc/mm: convert coprocessor fault to lock_mm_
- mm: make find_extend_vma() fail if write lock not held
- execve: expand new process stack manually ahead of time
- mm: always expand the stack with the mmap write lock held
- [CONFIG]: Set CONFIG_
-- Thadeu Lima de Souza Cascardo <email address hidden> Mon, 10 Jul 2023 17:25:47 -0300