ACK: [SRU][OEM-5.17/OEM-6.0][PATCH 0/1] CVE-2022-4382
Marcelo Henrique Cerri
marcelo.cerri at canonical.com
Wed Mar 29 18:01:40 UTC 2023
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On Tue, Mar 28 2023, Yuxuan Luo wrote:
> [Impact]
> A vulnerability was discovered in gadgetfs which causes use-after-free to
> escalate local privilege.
>
> [Backport]
> It is a clean cherry-pick.
>
> [Testing]
> Compile, load the module and tested with the given PoC.
>
> [Potential Regression]
> Any potential regression is limited in the scope of gadgetfs driver.
>
> Alan Stern (1):
> USB: gadgetfs: Fix race between mounting and unmounting
>
> drivers/usb/gadget/legacy/inode.c | 28 +++++++++++++++++++++-------
> 1 file changed, 21 insertions(+), 7 deletions(-)
>
> --
> 2.34.1
Acked-by: Marcelo Henrique Cerri <marcelo.cerri at canonical.com>
- --
Regards,
Marcelo
-----BEGIN PGP SIGNATURE-----
iQHQBAEBCgA6FiEExJjLjAfVL0XbfEr56e82LoessAkFAmQkfQccHG1hcmNlbG8u
Y2VycmlAY2Fub25pY2FsLmNvbQAKCRDp7zYuh6ywCRp4C/wK5Mg2Iyu/Tp2hiDn8
fN3v4iwYTUTEICPsIgl8nN2eth9HaV5YlaLJnwTu2k/H3GgyL0cFYQ9RXx74A0s8
qYkN2pZFa/+N6uU+YFTqf3j5vV1AHF3ITagNu+Qbk7QNz7Azpxw202TIF84+/RFw
hXZJu/V+XAHJgR/gtHMpIBCeTFSJyKYs1pDGnZhcqt0CTLEC56OMR/F7/89978lj
G9ntCQ0K5lnhgHOMIjaOf4wPBXH1kces2FfKISCQ0TpfTfblCQMgcHLhYc5z54EH
fWZOWu3JDV2CpGazp60DjTE826eBPiJwkp/KIV/1oYuFoMsKKXFizfpaF/dgpsuI
/jueeqgK4wgg6iwwXjnZEpvVDi4zs28Ms3AgykTSvsaAkpzR0CEQH2cHa1yvWwvc
84ACoIFUOCavBLIUTESrepY1ut943R83AStqZuvK6T+iLiQiyeJzNoQ6/p5Y5Lzs
ThJ6vu3V0ImSmeEYdOojD5E2Ja5yg4t9Jfiy71P4MkcTqN8=
=p9os
-----END PGP SIGNATURE-----
More information about the kernel-team
mailing list