APPLIED Re: [SRU][Jammy-OEM-5.17/OEM-6.0][PATCH 0/1] CVE-2023-28328
Timo Aaltonen
tjaalton at ubuntu.com
Fri Aug 4 09:47:20 UTC 2023
Yuxuan Luo kirjoitti 31.7.2023 klo 19.00:
> [Impact]
> Wei Chen discovered that the DVB USB AZ6027 driver in the Linux kernel
> contained a null pointer dereference when handling certain messages from
> user space. A local attacker could use this to cause a denial of service
> (system crash).
>
> [Backport]
> It's a clean cherry pick.
>
> [Test]
> Smoked tested via modprobe and rmmod dvb-usb-az6027.
>
> [Potential Regression]
> Expecting very low potential.
>
> Baisong Zhong (1):
> media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()
>
> drivers/media/usb/dvb-usb/az6027.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
applied to oem-5.17, -6.0, thanks
--
t
More information about the kernel-team
mailing list