ACK: [SRU][Jammy-OEM-5.17/OEM-6.0][PATCH 0/1] CVE-2023-28328
Tim Gardner
tim.gardner at canonical.com
Mon Jul 31 16:06:11 UTC 2023
On 7/31/23 10:00 AM, Yuxuan Luo wrote:
> [Impact]
> Wei Chen discovered that the DVB USB AZ6027 driver in the Linux kernel
> contained a null pointer dereference when handling certain messages from
> user space. A local attacker could use this to cause a denial of service
> (system crash).
>
> [Backport]
> It's a clean cherry pick.
>
> [Test]
> Smoked tested via modprobe and rmmod dvb-usb-az6027.
>
> [Potential Regression]
> Expecting very low potential.
>
> Baisong Zhong (1):
> media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()
>
> drivers/media/usb/dvb-usb/az6027.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
Acked-by: Tim Gardner <tim.gardner at canonical.com>
--
-----------
Tim Gardner
Canonical, Inc
More information about the kernel-team
mailing list