ACK: [SRU][F][PATCH 0/1] CVE-2022-38096
Jian Hui Lee
jianhui.lee at canonical.com
Thu Nov 7 03:24:14 UTC 2024
Acked-by: Jian Hui Lee <jianhui.lee at canonical.com>
On Thu, Nov 7, 2024 at 5:53 AM Ian Whitfield
<ian.whitfield at canonical.com> wrote:
>
> [Impact]
>
> vmw_context_cotable can return either an error or a null pointer and its
> usage sometimes went unchecked. Subsequent code would then try to access
> either a null pointer or an error value.
>
> The invalid dereferences were only possible with malformed userspace
> apps which never properly initialized the rendering contexts.
>
> Check the results of vmw_context_cotable to fix the invalid derefs.
>
> [Backport]
>
> One conflict was due to this fix expecting another commit that
> partially addressed one of the error/null checks. Since this complete
> fix replaces the partial one, the conflict was resolved by adjusting
> context.
> Another conflict was due to this patch including fixes for two feature
> commits that are not applied to this tree, so these fixes were removed
> from the patch.
>
> [Fix]
>
> Oracular: not affected
> Noble: fixed via stable updates
> Jammy: fixed via stable updates
> Focal: backport
> Bionic: not affected
> Xenial: not affected
> Trusty: not affected
>
> [Test Case]
>
> Compile and boot tested
>
> [Where problems could occur]
>
> This fix affects those who use the DRM driver for VMware Virtual GPU. An
> issue with this fix would be visible to the user as a system crash.
>
> Zack Rusin (1):
> drm/vmwgfx: Fix possible null pointer derefence with invalid contexts
>
> drivers/gpu/drm/vmwgfx/vmwgfx_execbuf.c | 10 +++++++++-
> 1 file changed, 9 insertions(+), 1 deletion(-)
>
> --
> 2.43.0
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
More information about the kernel-team
mailing list