[SRU][J/F/B][PATCH 0/1] CVE-2022-3565
Thadeu Lima de Souza Cascardo
cascardo at canonical.com
Fri Nov 18 06:38:51 UTC 2022
On Fri, Nov 18, 2022 at 03:38:24AM +0300, Cengiz Can wrote:
> On Wed, 2022-11-16 at 15:59 -0500, Yuxuan Luo wrote:
> > [Impact]
> > A vulnerability is found at l1oip: when a timer handler is still running after
> > the card is released, a use-after-free occurs.
> >
> > [Backport]
> > It is a clean cherry pick.
> >
> > [Test]
> > Compile tested.
>
> Is there a specific reason for skipping smoke testing?
>
I will own 2 reviews to the person who can show that they have setup an l1oip
device and manually smoke tested this fix.
I will own 10 reviews to the person who pushes to our RT repo a l1oip test
suite that passes.
Cascardo.
> >
> > [Potential Regression]
> > No potential regression since it only adds a few conditional statement as
> > protection.
> >
> > Duoming Zhou (1):
> > mISDN: fix use-after-free bugs in l1oip timer handlers
> >
> > drivers/isdn/mISDN/l1oip.h | 1 +
> > drivers/isdn/mISDN/l1oip_core.c | 13 +++++++------
> > 2 files changed, 8 insertions(+), 6 deletions(-)
> >
> > --
> > 2.34.1
> >
> >
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
More information about the kernel-team
mailing list