ACK: [SRU Xenial 0/3] CVE-2021-37159
Tim Gardner
tim.gardner at canonical.com
Mon Mar 21 11:51:24 UTC 2022
Acked-by: Tim Gardner <tim.gardner at canonical.com>
Seems like this should have been on the ESM list.
On 3/17/22 12:00, Thadeu Lima de Souza Cascardo wrote:
> [Impact]
> On some error paths during USB HSO probe, the driver would do a
> use-after-free or double-free. This could allow malicous devices to
> cause a DoS on the system or possibly execute arbritary code.
>
> [Fix]
> The first commit removes some error messages, making the backport easier
> and less error prone. The second commit also helps with backports, but
> also fix a secondary issue. The final commit had a small change due to
> hso_free_net_device being changed.
>
> [Potential regression]
> USB HSO devices could fail to be correctly probe or function adequately.
>
> Andreas Kemnade (1):
> net: hso: register netdev later to avoid a race condition
>
> Dongliang Mu (1):
> usb: hso: fix error handling code of hso_create_net_device
>
> Wolfram Sang (1):
> net: usb: hso: don't print error when allocating urb fails
>
> drivers/net/usb/hso.c | 65 ++++++++++++++++++++++---------------------
> 1 file changed, 34 insertions(+), 31 deletions(-)
>
--
-----------
Tim Gardner
Canonical, Inc
More information about the kernel-team
mailing list