ACK: [SRU][J][PATCH 0/1] CVE-2024-50073
Wei-Lin Chang
weilin.chang at canonical.com
Tue Jun 24 02:43:30 UTC 2025
On Sat, Jun 21, 2025 at 03:15:19PM +0200, Massimiliano Pellizzer wrote:
> https://ubuntu.com/security/CVE-2024-50073
>
> [ Impact ]
>
> tty: n_gsm: Fix use-after-free in gsm_cleanup_mux
>
> gsm_msg on the tx_ctrl_list or tx_data_list of gsm_mux
> can be freed by multi threads through ioctl,which leads
> to the occurrence of uaf. Protect it by gsm tx lock.
>
> [ Fix ]
>
> Plucky: not affected
> Noble: fixed via upstream stable updates (LP: #2097393)
> Jammy: fix backported from mainline
>
> [ Test Plan ]
>
> Compile tested only.
>
> [ Where Problems Could Occur ]
>
> The fix affects the GSM 07.10 multiplexer line discipline in the TTY subsystem.
> An issue with this fix may introduce problems such as improper acquisition
> or release of the tx_lock spinlock, potentially resulting in deadlocks during
> multiplexer teardown or data transmission.
> As a consequence, regular users may experience hangs or stalls in applications
> communicating over GSM virtual TTYs.
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
Acked-by: Wei-Lin Chang <weilin.chang at canonical.com>
More information about the kernel-team
mailing list