[SRU][OEM-5.17][OEM-6.0][PATCH 0/1] CVE-2023-1118
Magali Lemes
magali.lemes.do.sacramento at canonical.com
Mon Mar 27 19:23:08 UTC 2023
[Impact]
A flaw use after free in the Linux kernel integrated infrared
receiver/transceiver driver was found in the way user detaching rc device. A
local user could use this flaw to crash the system or potentially escalate
their privileges on the system.
[Backport]
Clean cherry-pick.
[Test]
Compiled, boot and module load tested.
[Regression potential]
Minimal, since we're only unregistering the RC device and adding
del_timer_sync() to deactivate the tx_sim_timer timer as first actions in the
ene_remove() function. Regressions would possibly only affect users of the
infrared receiver/transceiver made by ENE.
Duoming Zhou (1):
media: rc: Fix use-after-free bugs caused by ene_tx_irqsim()
drivers/media/rc/ene_ir.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
--
2.34.1
More information about the kernel-team
mailing list