ACK: [SRU][F][PATCH 0/1] CVE-2024-41073

Thibault Ferrante thibault.ferrante at canonical.com
Fri Sep 13 11:35:56 UTC 2024


Acked-by: Thibault Ferrante <thibault.ferrante at canonical.com>

On 13-09-2024 10:12, Koichiro Den wrote:
> [Impact]
> 
> nvme: avoid double free special payload
> 
> If a discard request needs to be retried, and that retry may fail before
> a new special payload is added, a double free will result. Clear the
> RQF_SPECIAL_LOAD when the request is cleaned.
> 
> [Backport]
> 
> Adjusted context due to a missing commit 3973e15fa534 ("nvme: use bvec_virt")
> 
> [Fix]
> 
> Noble:  fixed via stable (pending)
> Jammy:  fixed via stable (pending)
> Focal:  Backport - adjusted contexts due to a missing commit
> Bionic: fix sent to esm ML
> Xenial: not affected
> Trusty: not affected
> 
> [Test case]
> 
> Compile and boot tested
> 
> [Where problem could occur]
> 
> This fix affects those who use any NVMe device, an issue with this fix
> would be visible to the user via unpredicted system behavior or a system
> crash induced by a double free under specific conditions.
> 
> 
> Chunguang Xu (1):
>    nvme: avoid double free special payload
> 
>   drivers/nvme/host/core.c | 1 +
>   1 file changed, 1 insertion(+)
> 


-- 
Thibault
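
The failure mode described in the quoted [Impact] section, as an added user-space model in C (not the kernel patch and not code from this thread): cleanup frees a payload whenever an ownership flag is set, so a retry that fails before attaching a new payload causes a second free unless cleanup also clears the flag. The struct, flag and function names are hypothetical, and the model counts the second free instead of performing it.

```c
#include <stdbool.h>
#include <stdlib.h>

#define MODEL_SPECIAL_PAYLOAD 0x1u  /* hypothetical stand-in for the request flag */

struct model_req {
    unsigned flags;
    void *payload;      /* buffer the request owns while the flag is set */
    bool payload_live;  /* model-only bookkeeping to detect a second free safely */
};
static int double_frees;  /* times cleanup was asked to free a dead buffer */

/* Setup: attaches a fresh payload, or fails early and leaves the request untouched. */
static bool model_setup(struct model_req *rq, bool fail_early)
{
    if (fail_early || !(rq->payload = malloc(16)))
        return false;
    rq->payload_live = true;
    rq->flags |= MODEL_SPECIAL_PAYLOAD;
    return true;
}

/* Cleanup: frees the payload when the flag says the request owns one. */
static void model_cleanup(struct model_req *rq, bool clear_flag)
{
    if (!(rq->flags & MODEL_SPECIAL_PAYLOAD))
        return;
    if (!rq->payload_live)
        double_frees++;  /* unguarded code would free() a dangling pointer here */
    else
        free(rq->payload);
    rq->payload_live = false;
    if (clear_flag)
        rq->flags &= ~MODEL_SPECIAL_PAYLOAD;  /* the behaviour the fix adds */
}

/* First attempt succeeds and is cleaned; the retry fails early and is cleaned again. */
static int run_retry_scenario(bool clear_flag)
{
    struct model_req rq = {0};
    double_frees = 0;
    if (model_setup(&rq, false))
        model_cleanup(&rq, clear_flag);
    if (!model_setup(&rq, true))
        model_cleanup(&rq, clear_flag);
    return double_frees;
}

int main(void) { return !(run_retry_scenario(false) == 1 && run_retry_scenario(true) == 0); }
```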


