APPLIED: [SRU][B][F][PATCH 0/4] CVE-2022-3903

Stefan Bader stefan.bader at canonical.com
Mon Mar 13 10:46:07 UTC 2023 

On 10.03.23 19:20, Magali Lemes wrote:
> [Impact]
> An incorrect read request flaw was found in the Infrared Transceiver USB
> driver in the Linux kernel. This issue occurs when a user attaches a
> malicious USB device. A local user could use this flaw to starve the
> resources, causing denial of service or potentially crashing the system.
> 
> [Backport]
> The fix is done by replacing the usb_control_msg() calls with
> usb_control_msg_send/recv() ones during the device initialization. The
> functions usb_control_msg_send/recv() are first defined in commit 719b8f2850,
> adjusted in commit ddd1198e3e, and need the definition of the
> usb_pipe_type_check() function, introduced in commit fcc2cc1f35. Therefore, we
> need to cherry-pick/backport 4 commits.
> 
> [Test]
> Compiled.
> 
> [Regression potential]
> We expect minimal regression, since there was no functional change.
> 
> Alan Stern (1):
>    media: mceusb: Use new usb_control_msg_*() routines
> 
> Greg Kroah-Hartman (2):
>    USB: move snd_usb_pipe_sanity_check into the USB core
>    USB: add usb_control_msg_send() and usb_control_msg_recv()
> 
> Oliver Neukum (1):
>    USB: correct API of usb_control_msg_send/recv
> 
>   drivers/media/rc/mceusb.c  |  35 ++++------
>   drivers/usb/core/message.c | 137 +++++++++++++++++++++++++++++++++++++
>   drivers/usb/core/urb.c     |  31 ++++++---
>   include/linux/usb.h        |   9 +++
>   4 files changed, 183 insertions(+), 29 deletions(-)
> 

Applied to focal,bionic:linux/master-next. Thanks.

-Stefan

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xE8675DEECBEECEA3.asc
Type: application/pgp-keys
Size: 44613 bytes
Desc: OpenPGP public key
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230313/484bf1cf/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230313/484bf1cf/attachment-0001.sig>

More information about the kernel-team mailing list