APPLIED Re: [OEM-5.14, OEM-5.17][PATCH 0/1] CVE-2022-3565
Timo Aaltonen
tjaalton at ubuntu.com
Tue Feb 7 14:11:36 UTC 2023
Yuxuan Luo kirjoitti 24.1.2023 klo 17.23:
> [Impact]
> A vulnerability is found at l1oip: when a timer handler is still running after
> the card is released, a use-after-free occurs.
>
> [Backport]
> It is a clean cherry pick.
>
> [Test]
> Compile tested.
>
> [Potential Regression]
> Potential regression is limited to users of ISDN over IP tunnel.
>
> Duoming Zhou (1):
> mISDN: fix use-after-free bugs in l1oip timer handlers
>
> drivers/isdn/mISDN/l1oip.h | 1 +
> drivers/isdn/mISDN/l1oip_core.c | 13 +++++++------
> 2 files changed, 8 insertions(+), 6 deletions(-)
>
applied to both, thanks
--
t
More information about the kernel-team
mailing list