[SRU][Trusty][lts-vivid][Wily][PATCH 0/1] Revert "usb: hub: do not clear BOS field during reset device"
Joseph Salisbury
joseph.salisbury at canonical.com
Fri May 20 15:56:15 UTC 2016
BugLink: http://bugs.launchpad.net/bugs/1582864
== SRU Justification ==
This bug is fixed by commit by upstream commit e5bdfd5, which reverts upstream
commit d8f00cd.
With slub_debug enabled this manifests as a deref of 0x6b6b in usb_disable_ltm.
Without slub_debug you end up getting a double free and messing up the allocator
and apparmor tends to be the first one to notice. See stack trace in bug report.
According to the commit message, this patch has already been included in the following -stable kernels:
4.5.0-rc4 (current git)
4.4.2
4.3.6 (currently in review)
4.1.18
3.18.27
3.14.61
This commit was also request in upstream kernels: v3.13.y-ckt, v3.19-ckt and v4.2.y-ckt.
== Fix ==
commit e5bdfd50d6f76077bf8441d130c606229e100d40
Author: Greg Kroah-Hartman <gregkh at linuxfoundation.org>
Date: Sat Feb 20 14:19:34 2016 -0800
Revert "usb: hub: do not clear BOS field during reset device"
== Test Case ==
A test kernel was built with this patch and tested by the original bug reporter.
The bug reporter states the test kernel resolved the bug.
Greg Kroah-Hartman (1):
Revert "usb: hub: do not clear BOS field during reset device"
drivers/usb/core/hub.c | 8 +++-----
1 file changed, 3 insertions(+), 5 deletions(-)
--
2.7.4
More information about the kernel-team
mailing list