ACK: [SRU][F][PATCH 0/1] CVE-2024-24860
Manuel Diewald
manuel.diewald at canonical.com
Wed Jul 10 12:15:38 UTC 2024
On Tue, Jul 09, 2024 at 02:44:07PM -0400, Yuxuan Luo wrote:
> [Impact]
> A race condition is found in net/bluetooth subsystem during a key
> setting session due to atomicity violation. This data race can lead to
> unexpected data inconsistency, harming user system's data integrity.
>
> [Backport]
> Although the break commit is not included in the tree, we believe that
> the race condition has long existed since the introduction of
> le_min_key_size_write() and le_max_key_size_write() which were later
> renamed to {min,max}_key_size_set(). Therefore, I manually applied the
> fix made for hci_debugfs.c to smp.c since 18f81241b74f ("Bluetooth: Move
> {min,max}_key_size debugfs into hci_debugfs_create_le") is yet to be
> introduced.
>
> [Test]
> Compiled only.
>
> [Where things could go wrong]
> Bluetooth system may produce unexpected behaviour when pairing if
> a regression occurs.
>
> Gui-Dong Han (1):
> Bluetooth: Fix atomicity violation in {min,max}_key_size_set
>
> net/bluetooth/smp.c | 12 ++++++++++--
> 1 file changed, 10 insertions(+), 2 deletions(-)
>
> --
> 2.34.1
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
Acked-by: Manuel Diewald <manuel.diewald at canonical.com>
--
Manuel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20240710/289a1471/attachment.sig>
More information about the kernel-team
mailing list