Re: wild pointer access in rsvp classifer in the Linux kernel <= v6.2

8 Sep 2023


      On Thu, Sep 07, 2023 at 05:01:23PM -0700, Kyle Zeng wrote:
...
Hi Greg,
I recently found a bug in the rsvp traffic classifier in the Linux kernel.
This classifier is already retired in the upstream but affects stable
releases.
The symptom of the bug is that the kernel can be tricked into accessing a
wild pointer, thus crash the kernel.
Since it is just a crash and cannot be used for LPE, I do not want to
trouble security@kernel.org. And since the classifier is already
retired in the upstream, I cannot report there.
Great, can you use 'git bisect' to track down the commit that fiexes
this so we can add it to the stable trees?
thanks,
greg k-h

2025

2024

2023

2022

2021

2020

2019

2018

2017

Re: wild pointer access in rsvp classifer in the Linux kernel <= v6.2