ACK: [SRU][F/J][PATCH v2 0/2] CVE-2024-56599
Kuba Pawlak
kuba.pawlak at canonical.com
Wed Apr 9 13:10:01 UTC 2025
On 8.04.2025 17:43, Abdur Rahman wrote:
> This patch fixes use-after-free error in the Atheros 10k wireless driver. Due
> to CONFIG_INIT_ON_FREE_DEFAULT_ON, pointers of struct cfg80211_registered_device
> *rdev are set to NULL in the ath10k_core_destroy() function. Then
> destroy_workqueue() uses the pointer and kernel panic happens.
>
> [Backport]
>
> Oracular: Fixed
> Noble: Fixed
> Jammy: Patch sent to ML
> Focal: Patch sent to ML
> Bionic: Not affected
> Xenial: Not affected
>
> [Test Case]
>
> Compile and boot tested.
>
> [Where problems could occur]
>
> Since this is a minor change with respect to a Atheros 10k driver, errors may be
> caused in any devices using this driver. Error may cause unpredictable behavior or
> crash.
>
> [Other Info]
>
> Changes between v1 and v2:
> Modified commit messages to explain what changes were made in backport of the
> patches.
Acked-by: Kuba Pawlak <kuba.pawlak at canonical.com>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0x216A9D7E3B63DCB4.asc
Type: application/pgp-keys
Size: 3139 bytes
Desc: OpenPGP public key
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20250409/62a1a8ab/attachment.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20250409/62a1a8ab/attachment.sig>
More information about the kernel-team
mailing list