[SRU][Jammy-OEM-5.17/OEM-6.0][PATCH 0/1] CVE-2023-28328
Yuxuan Luo
yuxuan.luo at canonical.com
Mon Jul 31 16:00:51 UTC 2023
[Impact]
Wei Chen discovered that the DVB USB AZ6027 driver in the Linux kernel
contained a null pointer dereference when handling certain messages from
user space. A local attacker could use this to cause a denial of service
(system crash).
[Backport]
It's a clean cherry pick.
[Test]
Smoked tested via modprobe and rmmod dvb-usb-az6027.
[Potential Regression]
Expecting very low potential.
Baisong Zhong (1):
media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()
drivers/media/usb/dvb-usb/az6027.c | 4 ++++
1 file changed, 4 insertions(+)
--
2.34.1
More information about the kernel-team
mailing list