CVE-2024-23849

net/rds: Fix UBSAN: array-index-out-of-bounds in rds_cmsg_recv

References

https://lore.kernel.org/netdev/CALGdzuoVdq-wtQ4Az9iottBqC5cv9ZhcE5q8N7LfYFvkRsOVcw@mail.gmail.com/
https://lore.kernel.org/netdev/1705715319-19199-1-git-send-email-sharath.srinivasan%40oracle.com/

Notes

 carnil> For 6.7.y fixed as well in 6.7.3.
 carnil> Issue introduced with 3289025aedc0 ("RDS: add receive message
 carnil> trace used by application").

Bugs

Status

Branch	Status
4.19-buster-security	pending (4.19.309-1)
4.19-upstream-stable	released (4.19.307) [344350bfa3b4b37d7c3d5a00536e6fbf0e953fbf]
5.10-bullseye-security	released (5.10.216-1)
5.10-upstream-stable	released (5.10.210) [5ae8d50044633306ff160fcf7faa24994175efe1]
6.1-bookworm-security	released (6.1.76-1)
6.1-upstream-stable	released (6.1.76) [71024928b3f71ce4529426f8692943205c58d30b]
6.6-upstream-stable	unknown
6.8-upstream-stable	unknown
sid	released (6.6.15-1)
upstream	released (6.8-rc2) [13e788deb7348cc88df34bed736c3b3b9927ea52]