rom 30b42b9223cac134079ce4cb47affbbc9c7ebcf0 Mon Sep 17 00:00:00 2001
Cengiz Can
cengiz.can at canonical.com
Tue Oct 11 13:31:31 UTC 2022
[Impact]
A flaw use after free in the Linux kernel video4linux driver was found
in the way user triggers em28xx_usb_probe() for the Empia 28xx based TV
cards. A local user could use this flaw to crash the system or
potentially escalate their privileges on the system.
[Fix]
Fix was cherry picked from the upstream stable 4.14.y backport.
[Test case]
Since the driver requires a hardware TV card, only compile and boot
tested on KVM.
[Potential regression]
Unknown.
Dongliang Mu (1):
media: em28xx: initialize refcount before kref_get
drivers/media/usb/em28xx/em28xx-cards.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--
2.34.1
More information about the kernel-team
mailing list