ACK: [SRU Xenial 0/3] CVE-2021-37159
Luke Nowakowski-Krijger
luke.nowakowskikrijger at canonical.com
Fri Mar 18 00:43:01 UTC 2022
Acked-by: Luke Nowakowski-Krijger <luke.nowakowskikrijger at canonical.com>
On Thu, Mar 17, 2022 at 11:01 AM Thadeu Lima de Souza Cascardo <
cascardo at canonical.com> wrote:
> [Impact]
> On some error paths during USB HSO probe, the driver would do a
> use-after-free or double-free. This could allow malicous devices to
> cause a DoS on the system or possibly execute arbritary code.
>
> [Fix]
> The first commit removes some error messages, making the backport easier
> and less error prone. The second commit also helps with backports, but
> also fix a secondary issue. The final commit had a small change due to
> hso_free_net_device being changed.
>
> [Potential regression]
> USB HSO devices could fail to be correctly probe or function adequately.
>
> Andreas Kemnade (1):
> net: hso: register netdev later to avoid a race condition
>
> Dongliang Mu (1):
> usb: hso: fix error handling code of hso_create_net_device
>
> Wolfram Sang (1):
> net: usb: hso: don't print error when allocating urb fails
>
> drivers/net/usb/hso.c | 65 ++++++++++++++++++++++---------------------
> 1 file changed, 34 insertions(+), 31 deletions(-)
>
> --
> 2.25.1
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20220317/0ad1f5e4/attachment.html>
More information about the kernel-team
mailing list