[SRU Xenial 0/3] CVE-2021-37159
Thadeu Lima de Souza Cascardo
cascardo at canonical.com
Thu Mar 17 18:00:38 UTC 2022
[Impact]
On some error paths during USB HSO probe, the driver would do a
use-after-free or double-free. This could allow malicous devices to
cause a DoS on the system or possibly execute arbritary code.
[Fix]
The first commit removes some error messages, making the backport easier
and less error prone. The second commit also helps with backports, but
also fix a secondary issue. The final commit had a small change due to
hso_free_net_device being changed.
[Potential regression]
USB HSO devices could fail to be correctly probe or function adequately.
Andreas Kemnade (1):
net: hso: register netdev later to avoid a race condition
Dongliang Mu (1):
usb: hso: fix error handling code of hso_create_net_device
Wolfram Sang (1):
net: usb: hso: don't print error when allocating urb fails
drivers/net/usb/hso.c | 65 ++++++++++++++++++++++---------------------
1 file changed, 34 insertions(+), 31 deletions(-)
--
2.25.1
More information about the kernel-team
mailing list