APPLIED: [SRU][OEM-5.17][OEM-6.0][PATCH 0/1] CVE-2023-1118
Manuel Diewald
manuel.diewald at canonical.com
Tue Apr 4 07:59:07 UTC 2023
On Mon, Mar 27, 2023 at 04:23:08PM -0300, Magali Lemes wrote:
> [Impact]
> A flaw use after free in the Linux kernel integrated infrared
> receiver/transceiver driver was found in the way user detaching rc device. A
> local user could use this flaw to crash the system or potentially escalate
> their privileges on the system.
>
> [Backport]
> Clean cherry-pick.
>
> [Test]
> Compiled, boot and module load tested.
>
> [Regression potential]
> Minimal, since we're only unregistering the RC device and adding
> del_timer_sync() to deactivate the tx_sim_timer timer as first actions in the
> ene_remove() function. Regressions would possibly only affect users of the
> infrared receiver/transceiver made by ENE.
>
> Duoming Zhou (1):
> media: rc: Fix use-after-free bugs caused by ene_tx_irqsim()
>
> drivers/media/rc/ene_ir.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> --
> 2.34.1
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
Applied to jammy:linux-oem-5.17 and jammy:linux-oem-6.0. Thank you!
More information about the kernel-team
mailing list