APPLIED: [SRU][B][F][PATCH 0/4] CVE-2022-3903
Stefan Bader
stefan.bader at canonical.com
Mon Mar 13 10:46:07 UTC 2023
On 10.03.23 19:20, Magali Lemes wrote:
> [Impact]
> An incorrect read request flaw was found in the Infrared Transceiver USB
> driver in the Linux kernel. This issue occurs when a user attaches a
> malicious USB device. A local user could use this flaw to starve the
> resources, causing denial of service or potentially crashing the system.
>
> [Backport]
> The fix is done by replacing the usb_control_msg() calls with
> usb_control_msg_send/recv() ones during the device initialization. The
> functions usb_control_msg_send/recv() are first defined in commit 719b8f2850,
> adjusted in commit ddd1198e3e, and need the definition of the
> usb_pipe_type_check() function, introduced in commit fcc2cc1f35. Therefore, we
> need to cherry-pick/backport 4 commits.
>
> [Test]
> Compiled.
>
> [Regression potential]
> We expect minimal regression, since there was no functional change.
>
> Alan Stern (1):
> media: mceusb: Use new usb_control_msg_*() routines
>
> Greg Kroah-Hartman (2):
> USB: move snd_usb_pipe_sanity_check into the USB core
> USB: add usb_control_msg_send() and usb_control_msg_recv()
>
> Oliver Neukum (1):
> USB: correct API of usb_control_msg_send/recv
>
> drivers/media/rc/mceusb.c | 35 ++++------
> drivers/usb/core/message.c | 137 +++++++++++++++++++++++++++++++++++++
> drivers/usb/core/urb.c | 31 ++++++---
> include/linux/usb.h | 9 +++
> 4 files changed, 183 insertions(+), 29 deletions(-)
>
Applied to focal,bionic:linux/master-next. Thanks.
-Stefan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xE8675DEECBEECEA3.asc
Type: application/pgp-keys
Size: 44613 bytes
Desc: OpenPGP public key
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230313/484bf1cf/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20230313/484bf1cf/attachment-0001.sig>
More information about the kernel-team
mailing list