[SRU][OEM-5.17/OEM-6.0][PATCH 0/1] CVE-2023-1670
Yuxuan Luo
yuxuan.luo at canonical.com
Tue May 9 20:10:00 UTC 2023
[Impact]
It was discovered that the Xircom PCMCIA network device driver in the Linux
kernel did not properly handle device removal events. A physically proximate
or privileged attacker could use this to cause a denial of service (system
crash).
[Backport]
Clean cherry pick.
[Test]
Compile and smoke tested.
[Potential Regression]
Expecting low regression potential since this commit only adds an additional
layer of protect.
Zheng Wang (1):
xirc2ps_cs: Fix use after free bug in xirc2ps_detach
drivers/net/ethernet/xircom/xirc2ps_cs.c | 5 +++++
1 file changed, 5 insertions(+)
--
2.34.1
More information about the kernel-team
mailing list