NACK: [SRU][J][PATCH 0/1] CVE-2024-50061
Thibault Ferrante
thibault.ferrante at canonical.com
Thu Nov 6 08:37:20 UTC 2025
Nacking at top level the submission
On 26/09/2025 15:56, Alice C. Munduruca wrote:
> [ Impact ]
>
> A use-after-free is possible if two functions in `i3c/master`
> enter a race condition. In order to ensure that this can no longer
> occur, we invalidate any related work when unregistering a `i3c`
> device so that it cannot then be used to access the underlying
> freed value.
>
> [ Fix ]
>
> jammy: backported from upstream, simply applying the change despite
> a missing commit which caused contextual differences.
>
> [ Tests ]
>
> Compile and boot tested.
>
> [ Where problems could occur ]
>
> One-line change with limited backport-related regression potential.
> Since the scope is limited to i3c, the most that could happen is a
> denial of that specific service. (although this is quite unlikely)
>
> Kaixin Wang (1):
> i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master
> Driver Due to Race Condition
>
> drivers/i3c/master/i3c-master-cdns.c | 1 +
> 1 file changed, 1 insertion(+)
>
More information about the kernel-team
mailing list