Bug 2211440 (CVE-2023-3022)
| Summary: | CVE-2023-3022 kernel: IPv6: panic in fib6_rule_suppress when fib6_rule_lookup fails | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Alex <allarkin> |
| Component: | vulnerability | Assignee: | Nobody <nobody> |
| Status: | NEW --- | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | acaringi, allarkin, bhu, chwhite, crwood, dbohanno, ddepaula, debarbos, dfreiber, dvlasenk, ezulian, hkrzesin, jarod, jburrell, jdenham, jfaracco, jferlan, jforbes, jlelli, joe.lawrence, jshortt, jstancek, jwyatt, kcarcia, kernel-mgr, ldoskova, lgoncalv, lzampier, nmurray, ptalbert, qzhao, rogbas, rrobaina, rvrbovsk, rysulliv, scweaver, tyberry, vkumar, walters, wcosta, williams, wmealing, ycote |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | kernel 5.2-rc1 | Doc Type: | If docs needed, set a value |
| Doc Text: |
A flaw was found in the IPv6 module of the Linux kernel. The arg.result was not used consistently in fib6_rule_lookup, sometimes holding rt6_info and other times fib6_info. This was not accounted for in other parts of the code where rt6_info was expected unconditionally, potentially leading to a kernel panic in fib6_rule_suppress.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | Type: | --- | |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 2006441, 2167604, 2175952, 2211457, 2211461, 2211462, 2211463 | ||
| Bug Blocks: | 2176407 | ||
|
Description
Alex
2023-05-31 16:21:34 UTC
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2211457] This was fixed for Fedora in the 5.2 stable kernel rebases. This issue was fixed upstream in version 5.2-rc1. The kernel packages as shipped in the following Red Hat products were previously updated to a version that contains the fix via the following errata: kernel in Red Hat Enterprise Linux 8.6 Extended Update Support https://access.redhat.com/errata/RHSA-2023:1130 kernel-rt in Red Hat Enterprise Linux 8 https://access.redhat.com/errata/RHSA-2022:1975 The vulnerability stems from an error in the fib6_rule_lookup() function, which is responsible for processing IPv6 routing rules. When certain rule combinations are present, the function can mishandle certain packets, leading to a kernel crash. https://geometrydashworld.online was released in 2013 and is one of the most successful geometry games by RobTop Games You can also check https://geometrydashsubzero.net for mỏe information! This comment was flagged a spam, view the edit history to see the original text if required. This comment was flagged a spam, view the edit history to see the original text if required. This comment was flagged a spam, view the edit history to see the original text if required. And stylish BJJ apparel, we started Novakik BJJ. BJJ Store https://disteno.com/ A flaw in the Linux kernel's IPv6 module could lead to kernel panic due to inconsistent use of arg.result in fib6_rule_lookup. This inconsistency might remind you of the unpredictable challenges in Papa's Pizzeria, where every decision can impact your success. Ensuring code consistency is crucial for stability, just as balancing toppings is key to winning in the game. https://papaspizzeriagame.com "Troll" is a strong term for this welcoming 2D platformer with 160 easy levels in over SIXTY vibrant hues. https://leveldevil2.io |