ACK: [SRU][N/J][PATCH 0/1] CVE-2024-39292
Kevin Becker
kevin.becker at canonical.com
Fri Jul 12 19:37:01 UTC 2024
On Fri, Jul 12, 2024 at 12:30 PM Bethany Jamison
<bethany.jamison at canonical.com> wrote:
>
> [Impact]
>
> um: Add winch to winch_handlers before registering winch IRQ
>
> Registering a winch IRQ is racy, an interrupt may occur before the winch is
> added to the winch_handlers list.
>
> If that happens, register_winch_irq() adds to that list a winch that is
> scheduled to be (or has already been) freed, causing a panic later in
> winch_cleanup().
>
> Avoid the race by adding the winch to the winch_handlers list before
> registering the IRQ, and rolling back if um_request_irq() fails.
>
> [Fix]
>
> Noble: Clean cherry-pick from linux-6.9.y
> Jammy: Noble patch applied cleanly
> Focal: pending (5.4.0-192.212)
> Bionic: fix sent to esm ML
> Xenial: fix sent to esm ML
> Trusty: not going to be fixed by us
>
> [Test Case]
>
> Compile and boot tested.
>
> [Where problems could occur]
>
> This fix affects those who use User-Mode Linux, an issue with
> this fix would be visible to the user via unpredicted system
> behavior.
>
> Roberto Sassu (1):
> um: Add winch to winch_handlers before registering winch IRQ
>
> arch/um/drivers/line.c | 14 ++++++++------
> 1 file changed, 8 insertions(+), 6 deletions(-)
>
> --
Acked-by: Kevin Becker <kevin.becker at canonical.com>
More information about the kernel-team
mailing list