CVE-2023-4194

tap: tap_open(): correctly initialize socket uid next fix of i_uid to current_fsuid

References

Notes

 carnil> CVE exists because of incorrect fixes for CVE-2023-1076.
 carnil> For 6.4.y fixed as well in 6.4.10.

Bugs

Status

Branch Status
4.19-buster-security needed
4.19-upstream-stable needed
5.10-bullseye-security released (5.10.191-1)
5.10-upstream-stable released (5.10.190) [5ea23f1cb67e4468db7ff651627892c9217fec24, 33a339e717be2c88b7ad11375165168d5b40e38e]
6.1-bookworm-security released (6.1.52-1)
6.1-upstream-stable released (6.1.45) [b6846d7c408b33e4701f4f5ca28932e2a08e0a2e. 767800fc402deac438c5aed9c82f0e71a70c86fd]
6.6-upstream-stable unknown
6.8-upstream-stable unknown
sid released (6.4.11-1)
upstream released (6.5-rc5) [9bc3047374d5bec163e83e743709e23753376f0c, 5c9241f3ceab3257abe2923a59950db0dc8bb737]