[SRU][F/J/K][PATCH 0/1] CVE-2022-4382
Yuxuan Luo
yuxuan.luo at canonical.com
Tue Feb 7 19:24:10 UTC 2023
[Impact]
A vulnerability was discovered in gadgetfs which causes use-after-free to
escalate local privilege.
[Backport]
It is a clean cherry-pick.
[Testing]
Compile, load the module and tested with the given PoC.
[Potential Regression]
Any potential regression is limited in the scope of gadgetfs driver.
Alan Stern (1):
USB: gadgetfs: Fix race between mounting and unmounting
drivers/usb/gadget/legacy/inode.c | 28 +++++++++++++++++++++-------
1 file changed, 21 insertions(+), 7 deletions(-)
--
2.34.1
More information about the kernel-team
mailing list