NACK: [SRU][F/J/K/L][PATCH 0/1] CVE-2023-3141
Yuxuan Luo
yuxuan.luo at canonical.com
Tue Aug 8 13:34:49 UTC 2023
This is meant to be OEM patches, wrong subject. Will send a v2 soon.
On 8/8/23 05:36, Thadeu Lima de Souza Cascardo wrote:
> On Mon, Aug 07, 2023 at 05:05:30PM -0400, Yuxuan Luo wrote:
>> [Impact]
>> It is found that memstick/r592 driver is likely to be vulnerable to a
>> use-after-free flaw at driver removal, leading to potential kernel integrity
>> damage.
>>
>> [Backport]
>> Clean cherry pick.
>>
>> [Test]
>> Compile and smoke tested.
>>
>> [Potential Regression]
>> Expect minimal regression.
>>
>> Zheng Wang (1):
>> memstick: r592: Fix UAF bug in r592_remove due to race condition
>>
>> drivers/memstick/host/r592.c | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> --
>> 2.34.1
> Was this meant to be to oem-5.17 and oem-6.0?
>
> Cascardo.
More information about the kernel-team
mailing list