APPLIED: [PATCH 0/2][X] CVE-2017-18174 - Denial of service in AMD GPIO pin control

Khaled Elmously khalid.elmously at canonical.com
Wed Nov 28 07:35:31 UTC 2018


On 2018-11-20 01:47:27 , Tyler Hicks wrote:
> https://people.canonical.com/~ubuntu-security/cve/?cve=CVE-2017-18174
> 
>  In the Linux kernel before 4.7, the amd_gpio_remove function in
>  drivers/pinctrl/pinctrl-amd.c calls the pinctrl_unregister function,
>  leading to a double free.
> 
> Clean cherry pick to Xenial. I had to incorporate a stray build failure fix
> from a related patch. I'm unable to test these changes since it requires
> specific AMD hardware. The build logs are clean and the changes are fairly
> straightforward.
> 
> Tyler
> 
> 
> -- 
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team



More information about the kernel-team mailing list