[SRU OEM-5.17, OEM-6.0 PATCH 0/1] CVE-2023-1073

Cengiz Can cengiz.can at canonical.com
Thu Jun 1 02:53:34 UTC 2023


[Impact]
A memory corruption flaw was found in the Linux kernel’s human interface device
(HID) subsystem in how a user inserts a malicious USB device. This flaw allows
a local user to crash or potentially escalate their privileges on the system.

[Fix]
Cherry picked from upstream.

[Test case]
Compile and boot tested.

[Potential regression]
Low. Only modifies list_entry usage to be list_first_entry_or_null instead.

Pietro Borrello (1):
  HID: check empty report_list in hid_validate_values()

 drivers/hid/hid-core.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

-- 
2.39.2
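
The regression note above describes replacing list_entry with list_first_entry_or_null. The user-space C model below is an added example, not the upstream patch or kernel source: the macros are simplified re-implementations of the kernel list helpers, and struct report, struct report_enum and the first_report_* functions are hypothetical stand-ins. It shows why the unchecked form is unsafe when the list is empty.

```c
#include <stddef.h>
#include <stdio.h>

/* Simplified user-space copies of the kernel's circular list helpers. */
struct list_head { struct list_head *next, *prev; };

#define container_of(ptr, type, member) \
    ((type *)((char *)(ptr) - offsetof(type, member)))
#define list_entry(ptr, type, member) container_of(ptr, type, member)
#define list_first_entry_or_null(head, type, member) \
    ((head)->next != (head) ? list_entry((head)->next, type, member) : NULL)

/* Hypothetical stand-ins for the HID structures; the layout is constructed. */
struct report { unsigned int id; unsigned int maxfield; struct list_head list; };
struct report_enum { unsigned int numbered; struct list_head report_list; };

static void list_init(struct list_head *h) { h->next = h->prev = h; }
static void list_add_tail(struct list_head *n, struct list_head *h)
{
    n->prev = h->prev; n->next = h;
    h->prev->next = n; h->prev = n;
}

/* Old pattern: on an empty list head.next == &head, so the result is computed
 * from the list head itself and is not a report that was ever queued. */
static struct report *first_report_unchecked(struct report_enum *e)
{
    return list_entry(e->report_list.next, struct report, list);
}

/* Fixed pattern: an empty list yields NULL, which the caller can reject. */
static struct report *first_report_checked(struct report_enum *e)
{
    return list_first_entry_or_null(&e->report_list, struct report, list);
}

int main(void)
{
    struct report_enum e; struct report r = { .id = 0, .maxfield = 1 };
    list_init(&e.report_list);
    printf("empty: unchecked=%p checked=%p\n",
           (void *)first_report_unchecked(&e), (void *)first_report_checked(&e));
    list_add_tail(&r.list, &e.report_list);
    printf("one report: checked=%p (&r=%p)\n",
           (void *)first_report_checked(&e), (void *)&r);
    return 0;
}
```

On the empty list the unchecked call returns a non-NULL pointer that a later NULL check cannot catch; both forms agree once a report is queued.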



