APPLIED[J]: [SRU][Jammy][OEM-6.1][PATCH 0/2] CVE-2023-6039
Portia Stephens
portia.stephens at canonical.com
Mon Mar 25 02:50:57 UTC 2024
On Fri, Mar 22, 2024 at 04:05:19PM +0100, Roxana Nicolescu wrote:
>
> On 19/03/2024 22:25, Yuxuan Luo wrote:
> > [Impact]
> > A use-after-free flaw was found in lan78xx_disconnect in
> > drivers/net/usb/lan78xx.c in the network sub-component, net/usb/lan78xx
> > in the Linux Kernel. This flaw allows a local attacker to crash the
> > system when the LAN78XX USB device detaches. This patch adds the
> > follow-up commits needed for the fix.
> >
> > [Backport]
> > They are all clean cherry picks.
> >
> > [Test]
> > Compile and boot tested.
> >
> > [Where things could go wrong]
> > This patch set slightly modified a kernel function which is only used by
> > lan78xx since it is backported for its sake. Expect low risk regression
> > limited to lan78xx.
> >
> > Thomas Gleixner (2):
> > timers: Replace BUG_ON()s
> > timers: Silently ignore timers with a NULL function
> >
> > kernel/time/timer.c | 66 ++++++++++++++++++++++++++++++++++++++-------
> > 1 file changed, 57 insertions(+), 9 deletions(-)
> >
> Applied to jammy master-next branch. Thanks!
This was nack'd by Timo since t oem-6.1 is now EOL.
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
More information about the kernel-team
mailing list