NACK/Cmnt: [SRU][N][PATCH 0/1] CVE-2024-35997
Stefan Bader
stefan.bader at canonical.com
Thu Jul 4 17:33:06 UTC 2024
On 25.06.24 19:46, Bethany Jamison wrote:
> [Impact]
>
> HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up
>
> The flag I2C_HID_READ_PENDING is used to serialize I2C operations.
> However, this is not necessary, because I2C core already has its own
> locking for that.
>
> More importantly, this flag can cause a lock-up: if the flag is set in
> i2c_hid_xfer() and an interrupt happens, the interrupt handler
> (i2c_hid_irq) will check this flag and return immediately without doing
> anything, then the interrupt handler will be invoked again in an
> infinite loop.
>
> Since interrupt handler is an RT task, it takes over the CPU and the
> flag-clearing task never gets scheduled, thus we have a lock-up.
>
> Delete this unnecessary flag.
>
> [Fix]
>
> Noble: Clean cherry-pick from linux-6.8.y
> Jammy: pending
> Focal: pending
> Bionic: fix sent to esm ML
> Xenial: fix sent to esm ML
> Trusty: not going to be fixed by us
>
> [Test Case]
>
> Compile and boot tested.
>
> [Where problems could occur]
>
> This fix affects those who use the HID over I2C protocol
> implementation, an issue with this fix would be visible to the user
> via a system freeze or crash.
>
> Nam Cao (1):
> HID: i2c-hid: remove I2C_HID_READ_PENDING flag to prevent lock-up
>
> drivers/hid/i2c-hid/i2c-hid-core.c | 9 ---------
> 1 file changed, 9 deletions(-)
>
Rejected for the following reasons:
Already applied for Noble update: v6.8.9 upstream stable release. CVE
number added to commit message.
-Stefan
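
Added example, not part of the original message or of the kernel source: a user-space C model of the lock-up the quoted cover letter describes, with and without the flag. It assumes the interrupt stays asserted until the handler reads the device and that the RT handler always preempts the transfer task; the struct, field and function names are hypothetical.

```c
#include <stdbool.h>
#include <stdio.h>

/* Constructed model of the state involved; not the i2c-hid driver's structs. */
struct model {
    bool use_flag;      /* true = before the fix, false = flag removed */
    bool read_pending;  /* stands in for I2C_HID_READ_PENDING */
    bool irq_asserted;  /* assumption: stays set until the device is read */
};

/* Stands in for i2c_hid_irq(): returns true if the device was serviced. */
static bool irq_handler(struct model *m)
{
    if (m->use_flag && m->read_pending)
        return false;           /* early return, interrupt source untouched */
    m->irq_asserted = false;    /* reading the input report clears the source */
    return true;
}

/*
 * An interrupt arrives while the transfer path is between setting and
 * clearing the flag. Strict-priority scheduling is modelled: as long as the
 * interrupt is asserted, only the RT handler runs. Returns the number of
 * handler invocations before the transfer task gets the CPU back, or -1 if
 * it never does within `budget` invocations (the lock-up).
 */
int handler_runs_until_xfer_resumes(bool use_flag, int budget)
{
    struct model m = { use_flag, use_flag, true };
    int runs = 0;

    while (m.irq_asserted) {
        if (runs == budget)
            return -1;          /* flag-clearing task was never scheduled */
        irq_handler(&m);
        runs++;
    }
    m.read_pending = false;     /* transfer task finally runs and clears it */
    return runs;
}

int main(void)
{
    printf("with flag:    %d\n", handler_runs_until_xfer_resumes(true, 1000000));
    printf("flag removed: %d\n", handler_runs_until_xfer_resumes(false, 1000000));
    return 0;
}
```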