NACK: [SRU][Jammy][Focal][PATCH 0/1] CVE-2023-22995
Bethany Jamison
bethany.jamison at canonical.com
Tue Jan 9 12:19:18 UTC 2024
Missing backporting for Focal.
On 1/9/24 6:33 AM, Bethany Jamison wrote:
> [Impact]
>
> In the Linux kernel before 5.17, an error path in dwc3_qcom_acpi_register_core in
> drivers/usb/dwc3/dwc3-qcom.c lacks certain platform_device_put and kfree calls.
>
> [Fix]
>
> Jammy: Clean cherry-pick.
> Focal: I had a missing context merge conflict - I removed the conflicting line
> from the incoming change because it wasn't apart of this cve fix and wasn't
> applicable to Focal.
>
> [Test Case]
>
> Compile and boot test.
>
> [Where problems could occur]
>
> Problems could occur is dwc3 usb driver, when registering device.
>
> Miaoqian Lin (1):
> usb: dwc3: dwc3-qcom: Add missing platform_device_put() in
> dwc3_qcom_acpi_register_core
>
> drivers/usb/dwc3/dwc3-qcom.c | 8 +++++++-
> 1 file changed, 7 insertions(+), 1 deletion(-)
>
More information about the kernel-team
mailing list