APPLIED Re: [SRU][OEM-5.17/OEM-6.0][PATCH 0/1] CVE-2023-1670
Timo Aaltonen
tjaalton at ubuntu.com
Thu May 18 11:58:40 UTC 2023
Yuxuan Luo kirjoitti 9.5.2023 klo 23.10:
> [Impact]
> It was discovered that the Xircom PCMCIA network device driver in the Linux
> kernel did not properly handle device removal events. A physically proximate
> or privileged attacker could use this to cause a denial of service (system
> crash).
>
> [Backport]
> Clean cherry pick.
>
> [Test]
> Compile and smoke tested.
>
> [Potential Regression]
> Expecting low regression potential since this commit only adds an additional
> layer of protect.
>
> Zheng Wang (1):
> xirc2ps_cs: Fix use after free bug in xirc2ps_detach
>
> drivers/net/ethernet/xircom/xirc2ps_cs.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
applied to both, thanks
--
t
More information about the kernel-team
mailing list