Description
In the Linux kernel, the following vulnerability has been resolved: nbd: restrict sockets to TCP and UDP Recently, syzbot started to abuse NBD with all kinds of sockets. Commit cf1b2326b734 ("nbd: verify socket is supported during setup") made sure the socket supported a shutdown() method. Explicitely accept TCP and UNIX stream sockets.
Product status
cf1b2326b734896734c6e167e41766f9cee7686a (git) before c365e8f20f4201d873a70385bd919f0fb531e960
cf1b2326b734896734c6e167e41766f9cee7686a (git) before 4f9e6ff6319dbcebea64b50af0304cf0ad7e97e7
cf1b2326b734896734c6e167e41766f9cee7686a (git) before 37ad11f20e164c23ce827dd455b42c0fdd29685c
cf1b2326b734896734c6e167e41766f9cee7686a (git) before 808e2335bc1cf2293b9e36ccc94c267c81509c71
cf1b2326b734896734c6e167e41766f9cee7686a (git) before 9f7c02e031570e8291a63162c6c046dc15ff85b0
4df728651b8a99693c69962d8e5a5b9e5a3bbcc7 (git)
083322455c67d278c56a66b73f1221f004ee600a (git)
4fa1cbd587ef967812f9d9f6ce46ec1dead7502c (git)
5.4
Any version before 5.4
6.1.156 (semver)
6.6.112 (semver)
6.12.53 (semver)
6.17.3 (semver)
6.18-rc1 (original_commit_for_fix)
References
git.kernel.org/...c/c365e8f20f4201d873a70385bd919f0fb531e960
git.kernel.org/...c/4f9e6ff6319dbcebea64b50af0304cf0ad7e97e7
git.kernel.org/...c/37ad11f20e164c23ce827dd455b42c0fdd29685c
git.kernel.org/...c/808e2335bc1cf2293b9e36ccc94c267c81509c71
git.kernel.org/...c/9f7c02e031570e8291a63162c6c046dc15ff85b0
