This change is in work and will be released in an upcoming 22.04 kernel,
5.15.0-156.
** Changed in: linux (Ubuntu)
Status: New => Fix Committed
** Changed in: linux (Ubuntu)
Assignee: (unassigned) => Canonical Kernel Team (canonical-kernel-team)
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/2119708
Title:
Backport Request: vmw_vsock_vmci_transport (Version: 1.0.5.0-k) to
Ubuntu 22.04
Status in linux package in Ubuntu:
Fix Committed
Bug description:
Hello Ubuntu team,
The current vmw_vsock_vmci_transport driver in older kernels may
contain an information disclosure vulnerability due to the usage of an
uninitialized memory in vSockets.
Fix Commit(s):
Commit Id:- 223e2288f4b8
Description:- Fix vsock/vmci: Clear the vmci transport packet properly when
initializing it
Upstream version:- 6.16
Link:-
https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=223e2288f4b8
We respectfully request that the updates to the
vmw_vsock_vmci_transport driver be backported to the next Ubuntu 22.04
release. These update addresses a security issue.
Thank you for your support.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2119708/+subscriptions
--
Mailing list: https://launchpad.net/~kernel-packages
Post to : [email protected]
Unsubscribe : https://launchpad.net/~kernel-packages
More help : https://help.launchpad.net/ListHelp
