ACK: [SRU][J][PATCH v2 0/1] CVE-2024-50061
Alessio Faina
alessio.faina at canonical.com
Mon Sep 29 08:26:18 UTC 2025
On Fri, Sep 26, 2025 at 10:03:13AM -0400, Alice C. Munduruca wrote:
> v2 -> Changed the formatting for the backport notes
>
> [ Impact ]
>
> A use-after-free is possible if two functions in `i3c/master`
> enter a race condition. In order to ensure that this can no longer
> occur, we invalidate any related work when unregistering a `i3c`
> device so that it cannot then be used to access the underlying
> freed value.
>
> [ Fix ]
>
> jammy: backported from upstream, simply applying the change despite
> a missing commit which caused contextual differences.
>
> [ Tests ]
>
> Compile and boot tested.
>
> [ Where problems could occur ]
>
> One-line change with limited backport-related regression potential.
> Since the scope is limited to i3c, the most that could happen is a
> denial of that specific service. (although this is quite unlikely)
>
> Kaixin Wang (1):
> i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master
> Driver Due to Race Condition
>
> drivers/i3c/master/i3c-master-cdns.c | 1 +
> 1 file changed, 1 insertion(+)
>
> --
> 2.48.1
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
Acked-by: Alessio Faina <alessio.faina at canonical.com>
More information about the kernel-team
mailing list