[SRU][OEM-5.14/OEM-5.17][PATCH 0/1] CVE-2022-41849
Yuxuan Luo
yuxuan.luo at canonical.com
Wed Mar 15 20:35:23 UTC 2023
[Impact]
It was discovered that a race condition existed in the SMSC UFX USB driver
implementation in the Linux kernel when physically removing the USB device
while calling open() for this device node, leading to a use-after-free
vulnerability. A physically proximate attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
[Backport]
It is a clean cherry pick.
[Test]
Compile and boot tested.
[Potential Regression]
Relatively low because it only adds a mutex in open() and disconnect() function
Hyunwoo Kim (1):
fbdev: smscufx: Fix use-after-free in ufx_ops_open()
drivers/video/fbdev/smscufx.c | 14 +++++++++++++-
1 file changed, 13 insertions(+), 1 deletion(-)
--
2.34.1
More information about the kernel-team
mailing list