ACK: [CVE-2017-8925][PATCH T/Y] USB: serial: omninet: fix reference leaks at open
Colin Ian King
colin.king at canonical.com
Mon Jun 12 07:45:08 UTC 2017
On 12/06/17 07:17, Po-Hsu Lin wrote:
> From: Johan Hovold <johan at kernel.org>
>
> CVE-2017-8925
>
> This driver needlessly took another reference to the tty on open, a
> reference which was then never released on close. This lead to not just
> a leak of the tty, but also a driver reference leak that prevented the
> driver from being unloaded after a port had once been opened.
>
> Fixes: 4a90f09b20f4 ("tty: usb-serial krefs")
> Cc: stable <stable at vger.kernel.org> # 2.6.28
> Signed-off-by: Johan Hovold <johan at kernel.org>
> (cherry picked from commit 30572418b445d85fcfe6c8fe84c947d2606767d8)
>
> Signed-off-by: Po-Hsu Lin <po-hsu.lin at canonical.com>
> ---
> drivers/usb/serial/omninet.c | 6 ------
> 1 file changed, 6 deletions(-)
>
> diff --git a/drivers/usb/serial/omninet.c b/drivers/usb/serial/omninet.c
> index f6c6900..880bbdb 100644
> --- a/drivers/usb/serial/omninet.c
> +++ b/drivers/usb/serial/omninet.c
> @@ -129,12 +129,6 @@ static int omninet_port_remove(struct usb_serial_port *port)
>
> static int omninet_open(struct tty_struct *tty, struct usb_serial_port *port)
> {
> - struct usb_serial *serial = port->serial;
> - struct usb_serial_port *wport;
> -
> - wport = serial->port[1];
> - tty_port_tty_set(&wport->port, tty);
> -
> return usb_serial_generic_open(tty, port);
> }
>
>
Acked-by: Colin Ian King <colin.king at canonical.com>
More information about the kernel-team
mailing list