[SRU][Jammy][Focal][PATCH 0/1] CVE-2023-22995
Bethany Jamison
bethany.jamison at canonical.com
Tue Jan 9 11:33:47 UTC 2024
[Impact]
In the Linux kernel before 5.17, an error path in dwc3_qcom_acpi_register_core in
drivers/usb/dwc3/dwc3-qcom.c lacks certain platform_device_put and kfree calls.
[Fix]
Jammy: Clean cherry-pick.
Focal: I had a missing context merge conflict - I removed the conflicting line
from the incoming change because it wasn't apart of this cve fix and wasn't
applicable to Focal.
[Test Case]
Compile and boot test.
[Where problems could occur]
Problems could occur is dwc3 usb driver, when registering device.
Miaoqian Lin (1):
usb: dwc3: dwc3-qcom: Add missing platform_device_put() in
dwc3_qcom_acpi_register_core
drivers/usb/dwc3/dwc3-qcom.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
--
2.34.1
More information about the kernel-team
mailing list