APPLIED Re: [SRU OEM-5.17, OEM-6.0 PATCH 0/1] CVE-2023-1073
Timo Aaltonen
tjaalton at ubuntu.com
Fri Jun 2 06:48:46 UTC 2023
Cengiz Can kirjoitti 1.6.2023 klo 5.53:
> [Impact]
> A memory corruption flaw was found in the Linux kernel’s human interface device
> (HID) subsystem in how a user inserts a malicious USB device. This flaw allows
> a local user to crash or potentially escalate their privileges on the system.
>
> [Fix]
> Cherry picked from upstream.
>
> [Test case]
> Compile and boot tested.
>
> [Potential regression]
> Low. Only modifies list_entry usage to be list_first_entry_or_null instead.
>
> Pietro Borrello (1):
> HID: check empty report_list in hid_validate_values()
>
> drivers/hid/hid-core.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
applied to both, thanks
--
t
More information about the kernel-team
mailing list