[SRU][J/F/B][PATCH 0/1] CVE-2022-4350
Yuxuan Luo
yuxuan.luo at canonical.com
Mon Nov 21 22:32:36 UTC 2022
On 11/17/22 23:49, Cengiz Can wrote:
> On Thu, 2022-11-17 at 10:45 -0500, Yuxuan Luo wrote:
>> [Impact]
>> The usbmon module is found to have a vulnerability allowing user space
>> client to crash the kernel.
>>
>> [Backport]
>> It is a clean cherry-pick.
>>
>> [Test]
>> Compile tested.
> As we discussed, it would be nice if you can boot test this first.
Boot tested on J/F/B kvm: successfully boot, `modprobe` and `rmmod`
while dmesg and journalctl did not report anything suspicious.
>
>> [Potential Regression]
>> Potential regression is limited to the usbmon module.
>>
>> Tadeusz Struk (1):
>> usb: mon: make mmapped memory read only
>>
>> drivers/usb/mon/mon_bin.c | 5 +++++
>> 1 file changed, 5 insertions(+)
>>
>> --
>> 2.34.1
>>
>>
More information about the kernel-team
mailing list