ACK: [SRU][Trusty][Bionic][PATCH 0/1] Fix for CVE-2018-16276
khalid.elmously at canonical.com
Fri Nov 30 04:29:26 UTC 2018
On 2018-11-09 15:33:24 , Kleber Souza wrote:
> It was discovered that the YUREX USB device driver for the Linux kernel did
> not properly restrict user space reads or writes. A physically proximate
> attacker could use this to cause a denial of service (system crash) or
> possibly execute arbitrary code.
> Clean cherry-pick for Bionic, simple backport for Trusty only for
> context adjustment.
> Jann Horn (1):
> USB: yurex: fix out-of-bounds uaccess in read handler
> drivers/usb/misc/yurex.c | 23 ++++++-----------------
> 1 file changed, 6 insertions(+), 17 deletions(-)
Acked-by: Khalid Elmously <khalid.elmously at canonical.com>
More information about the kernel-team