[SRU][N][PATCH 0/1] CVE-2024-53165
Bethany Jamison
bethany.jamison at canonical.com
Mon Feb 10 17:58:58 UTC 2025
[Impact]
sh: intc: Fix use-after-free bug in register_intc_controller()
In the error handling for this function, d is freed without ever
removing it from intc_list which would lead to a use after free.
To fix this, let's only add it to the list after everything has
succeeded.
[Fix]
Oracular: pending (6.11.0-17.17)
Noble: Clean cherry-pick from linux-6.11.y
Jammy: pending
Focal: pending
Bionic: fix sent to esm ML
Xenial: fix sent to esm ML
Trusty: won't fix as it is not critical
[Test Case]
Compile tested.
[Where problems could occur]
This fix affects those who use the interrupt handling code for IPR
and INTC2 types of IRQs, an issue with this fix would be visible to
the user via data corruption or unexpected system behavior.
Dan Carpenter (1):
sh: intc: Fix use-after-free bug in register_intc_controller()
drivers/sh/intc/core.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--
2.43.0
More information about the kernel-team
mailing list