From patchwork Thu Sep  7 22:37:25 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Yuxuan Luo <yuxuan.luo@canonical.com>
X-Patchwork-Id: 1831164
Return-Path: <kernel-team-bounces@lists.ubuntu.com>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@legolas.ozlabs.org
Authentication-Results: legolas.ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
 unprotected) header.d=canonical.com header.i=@canonical.com
 header.a=rsa-sha256 header.s=20210705 header.b=u/jYFUzM;
	dkim-atps=neutral
Authentication-Results: legolas.ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=lists.ubuntu.com
 (client-ip=185.125.189.65; helo=lists.ubuntu.com;
 envelope-from=kernel-team-bounces@lists.ubuntu.com;
 receiver=patchwork.ozlabs.org)
Received: from lists.ubuntu.com (lists.ubuntu.com [185.125.189.65])
	(using TLSv1.2 with cipher ECDHE-ECDSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by legolas.ozlabs.org (Postfix) with ESMTPS id 4RhYzD3pPrz1yhh
	for <incoming@patchwork.ozlabs.org>; Fri,  8 Sep 2023 08:37:43 +1000 (AEST)
Received: from localhost ([127.0.0.1] helo=lists.ubuntu.com)
	by lists.ubuntu.com with esmtp (Exim 4.86_2)
	(envelope-from <kernel-team-bounces@lists.ubuntu.com>)
	id 1qeNcx-0003pg-IC; Thu, 07 Sep 2023 22:37:31 +0000
Received: from smtp-relay-internal-1.internal ([10.131.114.114]
 helo=smtp-relay-internal-1.canonical.com)
 by lists.ubuntu.com with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.86_2) (envelope-from <yuxuan.luo@canonical.com>)
 id 1qeNcw-0003pN-3G
 for kernel-team@lists.ubuntu.com; Thu, 07 Sep 2023 22:37:30 +0000
Received: from mail-qk1-f197.google.com (mail-qk1-f197.google.com
 [209.85.222.197])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest
 SHA256)
 (No client certificate requested)
 by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id D60993F18B
 for <kernel-team@lists.ubuntu.com>; Thu,  7 Sep 2023 22:37:29 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com;
 s=20210705; t=1694126249;
 bh=wHJ6gxNY7ehuhndK7RwQ4gEkef5rLw89UbmbqXV75Oc=;
 h=From:To:Subject:Date:Message-Id:MIME-Version;
 b=u/jYFUzMC0Ypm3Ec9FDL9hV1lrFMSbZTzR1tr0GkvwBoppWsj5ass4dLH0J+5Bz3/
 ItG2Zu/J/0dhrFsMAtnEaVO3jerjsnaG30OnIOC8HIGctRkPdCj480GRrsM7PGs/a1
 gk5FBtB3zpJTWWnbNCNygP3KcnswALG/n2XmrH6bCODm4uKr3qjeO4s8IY2af92UhX
 vZYOf/ysaT+M8xg5ifQA+u1OBs+T6u3eXoBh1aEYuFPAKEnY4ljL6jyy9i6ryeGm9f
 pYcfI1u8eGPJE1QnLdjpLxgZPLypBNkX5vv6jK3SdYiN8SquI/EWiOx5tz/8FPZta7
 U8HRM/X1vWQhQ==
Received: by mail-qk1-f197.google.com with SMTP id
 af79cd13be357-76f0b7e3879so151157885a.0
 for <kernel-team@lists.ubuntu.com>; Thu, 07 Sep 2023 15:37:29 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1694126248; x=1694731048;
 h=content-transfer-encoding:mime-version:message-id:date:subject:to
 :from:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
 bh=wHJ6gxNY7ehuhndK7RwQ4gEkef5rLw89UbmbqXV75Oc=;
 b=tLU43CzPPhttioSf6bMfAvvPJToZHrCnkiBI/rrmCPf6ARPMfKrBX4zKO68Y2ph7/R
 LSeCojintHbwKyIFm9ZdNKnG9APP4+qberuw94ttkerd9aamErHBIXdToDd1uu4d5s5B
 rvvD9nVmmeSVdg37HE6qS3OUVrgBnF6Qcu4sJZtyadV0ZHZVk5DgIKj+R6oKSVKp9D0j
 TtwxN+BKTDlM7DCEy4B5NoI8hXBOGR62bqyEjmwmoc3IX/RRmQWiRojWUFF8KasaqB53
 GEjDgZxqKEYQxDSG7tNfe6CKQpq5XSb7XS9OZl4bOpN5QIxTeue/vjGoEzWfNYf1wSDE
 TdRQ==
X-Gm-Message-State: AOJu0YzubCyzQ8Li6Wwlyt7JZeu1zCPGY9V60hAPHO2vgf/AL/IXpOSf
 LT+snkiDIwluYWFRjDDxIrUyoUaMtUV8n2farW7XZOY29oMD42pQekpBq8tlmFmP8nffE3KjupJ
 t2eWeE3zgePHWxSLP5TzM5z3e3OIPY4qFiKX8vf7C08S1J1M16g==
X-Received: by 2002:a05:620a:454a:b0:76e:fea0:3f40 with SMTP id
 u10-20020a05620a454a00b0076efea03f40mr1025258qkp.8.1694126248508;
 Thu, 07 Sep 2023 15:37:28 -0700 (PDT)
X-Google-Smtp-Source: 
 AGHT+IGaH0sMP1yr+xS92ANpwpe0u1HnsvWqt4HyCVMicsDYSZefTZybBHeReXir8WzZ/lcq9ciAkQ==
X-Received: by 2002:a05:620a:454a:b0:76e:fea0:3f40 with SMTP id
 u10-20020a05620a454a00b0076efea03f40mr1025249qkp.8.1694126248259;
 Thu, 07 Sep 2023 15:37:28 -0700 (PDT)
Received: from cache-ubuntu.hsd1.nj.comcast.net
 ([2601:86:200:98b0:99bd:e79d:4652:a396])
 by smtp.gmail.com with ESMTPSA id
 c23-20020ae9e217000000b0076eed604793sm110034qkc.130.2023.09.07.15.37.27
 for <kernel-team@lists.ubuntu.com>
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Thu, 07 Sep 2023 15:37:27 -0700 (PDT)
From: Yuxuan Luo <yuxuan.luo@canonical.com>
To: kernel-team@lists.ubuntu.com
Subject: [SRU][F/L][PATCH 0/1] CVE-2023-4132
Date: Thu,  7 Sep 2023 18:37:25 -0400
Message-Id: <20230907223726.54322-1-yuxuan.luo@canonical.com>
X-Mailer: git-send-email 2.34.1
MIME-Version: 1.0
X-BeenThere: kernel-team@lists.ubuntu.com
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: Kernel team discussions <kernel-team.lists.ubuntu.com>
List-Unsubscribe: <https://lists.ubuntu.com/mailman/options/kernel-team>,
 <mailto:kernel-team-request@lists.ubuntu.com?subject=unsubscribe>
List-Archive: <https://lists.ubuntu.com/archives/kernel-team>
List-Post: <mailto:kernel-team@lists.ubuntu.com>
List-Help: <mailto:kernel-team-request@lists.ubuntu.com?subject=help>
List-Subscribe: <https://lists.ubuntu.com/mailman/listinfo/kernel-team>,
 <mailto:kernel-team-request@lists.ubuntu.com?subject=subscribe>
Errors-To: kernel-team-bounces@lists.ubuntu.com
Sender: "kernel-team" <kernel-team-bounces@lists.ubuntu.com>

[Impact]
A use-after-free vulnerability was found in the siano smsusb module in
the Linux kernel. The bug occurs during device initialization when the
siano device is plugged in. This flaw allows a local user to crash the
system, causing a denial of service condition.

[Backport]
Clean cherry pick.

[Test]
Compile and boot tested.

[Potential Regression]
Expect minimal regression potential.

Duoming Zhou (1):
  media: usb: siano: Fix warning due to null work_func_t function
    pointer

 drivers/media/usb/siano/smsusb.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
Acked-by: Tim Gardner <tim.gardner@canonical.com>
Acked-by: Stefan Bader <stefan.bader@canonical.com>