ACK: [SRU][OEM-5.17][OEM-6.0][PATCH 0/1] CVE-2023-1118
Tim Gardner
tim.gardner at canonical.com
Tue Mar 28 13:00:51 UTC 2023
On 3/27/23 1:23 PM, Magali Lemes wrote:
> [Impact]
> A use-after-free flaw in the Linux kernel integrated infrared
> receiver/transceiver driver was found in the way a user detaches an rc device. A
> local user could use this flaw to crash the system or potentially escalate
> their privileges on the system.
>
> [Backport]
> Clean cherry-pick.
>
> [Test]
> Compiled, boot and module load tested.
>
> [Regression potential]
> Minimal, since we're only unregistering the RC device and adding
> del_timer_sync() to deactivate the tx_sim_timer timer as first actions in the
> ene_remove() function. Regressions would possibly only affect users of the
> infrared receiver/transceiver made by ENE.
>
> Duoming Zhou (1):
> media: rc: Fix use-after-free bugs caused by ene_tx_irqsim()
>
> drivers/media/rc/ene_ir.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
Acked-by: Tim Gardner <tim.gardner at canonical.com>
--
-----------
Tim Gardner
Canonical, Inc
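
The teardown ordering described in the quoted [Regression potential] text, as an added user-space model in C (not part of the original mail and not the driver's code). All `model_*` names are hypothetical, and the model assumes that a transmit request from user space can arm the timer while the RC device is still registered.

```c
#include <stdbool.h>
#include <stdio.h>

/* User-space model only; nothing here is kernel or driver source. */
struct model_dev {
    bool registered;     /* RC device still reachable from user space */
    bool timer_pending;  /* stands in for tx_sim_timer being armed */
    bool freed;          /* device state has been released */
    int  stale_runs;     /* timer callbacks that ran on freed state */
};

/* Assumed behaviour: a transmit request arms the timer while registered. */
static void model_tx_request(struct model_dev *d)
{
    if (d->registered)
        d->timer_pending = true;
}

/* Timer expiry: the callback would dereference the device state. */
static void model_timer_fire(struct model_dev *d)
{
    if (d->timer_pending && d->freed)
        d->stale_runs++;            /* models the use-after-free */
    d->timer_pending = false;
}

enum order { NO_CANCEL, CANCEL_THEN_UNREGISTER, UNREGISTER_THEN_CANCEL };

/* Runs one removal sequence; returns callbacks that touched freed state. */
static int model_remove(enum order o)
{
    struct model_dev d = { .registered = true };
    model_tx_request(&d);           /* timer armed before removal starts */
    if (o == UNREGISTER_THEN_CANCEL)
        d.registered = false;       /* unregister as the first action */
    if (o != NO_CANCEL)
        d.timer_pending = false;    /* del_timer_sync() stand-in */
    model_tx_request(&d);           /* late request racing the removal */
    d.registered = false;           /* unregister (no-op if already done) */
    d.freed = true;                 /* device state released */
    model_timer_fire(&d);           /* timer expires after the release */
    return d.stale_runs;
}

int main(void)
{
    printf("%d %d %d\n", model_remove(NO_CANCEL),
           model_remove(CANCEL_THEN_UNREGISTER),
           model_remove(UNREGISTER_THEN_CANCEL));
    return 0;
}
```

Only the sequence that unregisters first and then cancels the timer leaves no pending callback once the state is released.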