On Mon, 31 Jul 2023 18:42:35 +0200 Laszlo Ersek wrote:
> The original patches fixing CVE-2023-1076 are incorrect in my opinion.
> This small series fixes them up; see the individual commit messages for
> explanation.
>
> I have a very elaborate test procedure demonstrating the problem for
> both tun and tap; it involves libvirt, qemu, and "crash". I can share
> that procedure if necessary, but it's indeed quite long (I wrote it
> originally for our QE team).
>
> The patches in this series are supposed to "re-fix" CVE-2023-1076; given
> that said CVE is classified as Low Impact (CVSSv3=5.5), I'm posting this
> publicly, and not suggesting any embargo. Red Hat Product Security may
> assign a new CVE number later.
>
> I've tested the patches on top of v6.5-rc4, with "crash" built at commit
> c74f375e0ef7.

FTR this was applied yesterday to net. Thanks!