APPLIED: [SRU][F][PATCH 0/1] CVE-2024-41073

[Stefan Bader]

On 13.09.24 10:12, Koichiro Den wrote:
> [Impact]
> 
> nvme: avoid double free special payload
> 
> If a discard request needs to be retried, and that retry may fail before
> a new special payload is added, a double free will result. Clear the
> RQF_SPECIAL_LOAD when the request is cleaned.
> 
> [Backport]
> 
> Adjusted context due to a missing commit 3973e15fa534 ("nvme: use bvec_virt")
> 
> [Fix]
> 
> Noble:  fixed via stable (pending)
> Jammy:  fixed via stable (pending)
> Focal:  Backport - adjusted contexts due to a missing commit
> Bionic: fix sent to esm ML
> Xenial: not affected
> Trusty: not affected
> 
> [Test case]
> 
> Compile and boot tested
> 
> [Where problem could occur]
> 
> This fix affects those who use any NVMe device, an issue with this fix
> would be visible to the user via unpredicted system behavior or a system
> crash induced by a double free under specific conditions.
> 
> 
> Chunguang Xu (1):
>    nvme: avoid double free special payload
> 
>   drivers/nvme/host/core.c | 1 +
>   1 file changed, 1 insertion(+)
> 

Applied to focal:linux/master-next. Thanks.

-Stefan

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xE8675DEECBEECEA3.asc
Type: application/pgp-keys
Size: 48643 bytes
Desc: OpenPGP public key
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20240925/4930050a/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20240925/4930050a/attachment-0001.sig>