ACK: [SRU][Jammy][OEM-6.1][PATCH 0/2] CVE-2023-6039
Portia Stephens
portia.stephens at canonical.com
Fri Mar 22 00:26:16 UTC 2024
On Tue, Mar 19, 2024 at 05:25:06PM -0400, Yuxuan Luo wrote:
> [Impact]
> A use-after-free flaw was found in lan78xx_disconnect in
> drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx
> in the Linux Kernel. This flaw allows a local attacker to crash the
> system when the LAN78XX USB device detaches. This patch adds the
> follow-up commits needed for the fix.
>
> [Backport]
> They are all clean cherry picks.
>
> [Test]
> Compile and boot tested.
>
> [Where things could go wrong]
> This patch set slightly modified a kernel function which is only used by
> lan78xx since it is backported for its sake. Expect low risk regression
> limited to lan78xx.
>
> Thomas Gleixner (2):
> timers: Replace BUG_ON()s
> timers: Silently ignore timers with a NULL function
>
> kernel/time/timer.c | 66 ++++++++++++++++++++++++++++++++++++++-------
> 1 file changed, 57 insertions(+), 9 deletions(-)
Acked-by: Portia Stephens <portia.stephens at canonical.com>
More information about the kernel-team
mailing list