[SRU][B/X][PATCH 0/1] CVE-2024-53165
Bethany Jamison
bethany.jamison at canonical.com
Mon Feb 10 18:00:24 UTC 2025
[Impact]

sh: intc: Fix use-after-free bug in register_intc_controller()

In the error handling for this function, d is freed without ever
removing it from intc_list which would lead to a use after free.
To fix this, let's only add it to the list after everything has
succeeded.

[Fix]

Oracular: pending (6.11.0-17.17)
Noble: (Clean cherry-pick from linux-6.11.y), fix sent to kernel ML
Jammy: pending
Focal: pending
Bionic: Noble patch applied cleanly
Xenial: Noble patch applied cleanly
Trusty: won't fix as it is not critical

[Test Case]

Compile tested.

[Where problems could occur]

This fix affects those who use the interrupt handling code for IPR
and INTC2 types of IRQs. An issue with this fix would be visible to
the user via data corruption or unexpected system behavior.

Dan Carpenter (1):
  sh: intc: Fix use-after-free bug in register_intc_controller()

 drivers/sh/intc/core.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--
2.43.0
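
The ordering problem described under [Impact], as an added example that is not part of the original mail or the kernel source. It is a userspace C model: struct ctrl, the pool allocator, ctrl_list and the register_buggy()/register_fixed() functions are hypothetical stand-ins for the driver's descriptor, its allocation, intc_list and register_intc_controller().

```c
#include <stdio.h>

/* Constructed stand-in for the driver's descriptor. "live" models allocation
 * state so a stale list entry can be detected without touching freed memory. */
struct ctrl { struct ctrl *next; int live; };

static struct ctrl pool[4];     /* toy allocator backing store (assumption) */
static struct ctrl *ctrl_list;  /* plays the role of intc_list */

static struct ctrl *ctrl_alloc(void) {
    for (int i = 0; i < 4; i++)
        if (!pool[i].live) { pool[i].live = 1; pool[i].next = NULL; return &pool[i]; }
    return NULL;
}
static void ctrl_free(struct ctrl *d) { d->live = 0; }
static void ctrl_publish(struct ctrl *d) { d->next = ctrl_list; ctrl_list = d; }

void reset(void) {
    ctrl_list = NULL;
    for (int i = 0; i < 4; i++) pool[i].live = 0;
}
/* Count list entries that still point at a freed descriptor. */
int stale_entries(void) {
    int n = 0;
    for (struct ctrl *d = ctrl_list; d; d = d->next) n += !d->live;
    return n;
}
/* Bug ordering: published first, freed on error without being unlinked. */
int register_buggy(int setup_fails) {
    struct ctrl *d = ctrl_alloc();
    if (!d) return -1;
    ctrl_publish(d);
    if (setup_fails) { ctrl_free(d); return -1; }  /* list still references d */
    return 0;
}
/* Fix ordering: published only after every fallible step has succeeded. */
int register_fixed(int setup_fails) {
    struct ctrl *d = ctrl_alloc();
    if (!d) return -1;
    if (setup_fails) { ctrl_free(d); return -1; }  /* d was never reachable */
    ctrl_publish(d);
    return 0;
}

int main(void) {
    reset(); register_buggy(1); printf("buggy: %d stale\n", stale_entries());
    reset(); register_fixed(1); printf("fixed: %d stale\n", stale_entries());
    return 0;
}
```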