Re: [PATCH stable linux-5.15.y 00/10] Fix bpf mem read/write vulnerability.

On Thu, Apr 28, 2022 at 04:57:41PM -0700, Hao Luo wrote:
> Hi Greg,
> 
> Please cherry-pick this patch series into 5.15.y stable. It
> includes a feature that fixes CVE-2022-0500 which allows a user with
> cap_bpf privileges to get root privileges. The patch that fixes
> the bug is
> 
>  patch 7/10: bpf: Make per_cpu_ptr return rdonly
> 
> The rest are the dependencies required by the fix patch. Note that v5.10 and
> below are not affected by this bug.
> 
> This patchset has been merged in mainline v5.17 and backported to v5.16[1],
> except patch 10/10 ("bpf: Fix crash due to out of bounds access into reg2btf_ids."),
> which fixes an out-of-bound access in the main feature in this series and
> hasn't been backported to v5.16 yet. If it's convenient, could you
> apply patch 10/10 to 5.16? I can send a separate patch for v5.16, if you
> prefer.

5.16 is long end-of-life, sorry, I can't add any more patches to that
tree and no one should be using it anymore.

I'll go queue these up now for 5.15, thanks for the backports!

greg k-h


