SUBJECT: ovl: fail on invalid uid/gid mapping at copy up
COMMIT: 4f11ada10d0ad3fd53e2bd67806351de63a4f9c3
Reason for request: This resolves CVE-2023-0386
CVE context: https://nvd.nist.gov/vuln/detail/CVE-2023-0386
Sorry, please ignore this. I didn't realize the commit that introduced this issue landed on 5.11.
On Tue, Mar 28, 2023 at 2:26 PM Nobel Barakat <nobelbarakat@google.com> wrote:
> SUBJECT: ovl: fail on invalid uid/gid mapping at copy up
> COMMIT: 4f11ada10d0ad3fd53e2bd67806351de63a4f9c3
> Reason for request: This resolves CVE-2023-0386
> CVE context: https://nvd.nist.gov/vuln/detail/CVE-2023-0386
Here's a link to the config we use: https://cos.googlesource.com/third_party/kernel/+/refs/heads/cos-6.1/arch/x8...
Also, no issue here in this thread. The buggy commit looks like this one here: 459c7c565ac3: ovl: unprivileged mounts
Since this landed on 5.11, 5.10 doesn't need a backport.
linux-stable-mirror@lists.linaro.org