APPLIED[J]: [SRU][Jammy][OEM-6.1][PATCH 0/2] CVE-2023-6039
Roxana Nicolescu
roxana.nicolescu at canonical.com
Fri Mar 22 15:05:19 UTC 2024
On 19/03/2024 22:25, Yuxuan Luo wrote:
> [Impact]
> A use-after-free flaw was found in lan78xx_disconnect in
> drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx
> in the Linux Kernel. This flaw allows a local attacker to crash the
> system when the LAN78XX USB device detaches. This patch adds the
> follow-up commits needed for the fix.
>
> [Backport]
> They are all clean cherry picks.
>
> [Test]
> Compile and boot tested.
>
> [Where things could go wrong]
> This patch set slightly modified a kernel function which is only used by
> lan78xx since it is backported for its sake. Expect low risk regression
> limited to lan78xx.
>
> Thomas Gleixner (2):
> timers: Replace BUG_ON()s
> timers: Silently ignore timers with a NULL function
>
> kernel/time/timer.c | 66 ++++++++++++++++++++++++++++++++++++++-------
> 1 file changed, 57 insertions(+), 9 deletions(-)
>
Applied to jammy master-next branch. Thanks!
More information about the kernel-team
mailing list