[SRU][J/F/B][PATCH 0/1] CVE-2022-3565
Yuxuan Luo
yuxuan.luo at canonical.com
Fri Nov 18 22:05:14 UTC 2022
On 11/17/22 19:38, Cengiz Can wrote:
> On Wed, 2022-11-16 at 15:59 -0500, Yuxuan Luo wrote:
>> [Impact]
>> A vulnerability is found at l1oip: when a timer handler is still running after
>> the card is released, a use-after-free occurs.
>>
>> [Backport]
>> It is a clean cherry pick.
>>
>> [Test]
>> Compile tested.
> Is there a specific reason for skipping smoke testing?
l1oip module can be loaded and unloaded without error, tested on kvm.
>
>> [Potential Regression]
>> No potential regression since it only adds a few conditional statement as
>> protection.
>>
>> Duoming Zhou (1):
>> mISDN: fix use-after-free bugs in l1oip timer handlers
>>
>> drivers/isdn/mISDN/l1oip.h | 1 +
>> drivers/isdn/mISDN/l1oip_core.c | 13 +++++++------
>> 2 files changed, 8 insertions(+), 6 deletions(-)
>>
>> --
>> 2.34.1
>>
>>
More information about the kernel-team
mailing list