blob: e87545c30c62bbb4f46d3ca3d0409202c55f873a (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
Description: net: hso: do not call unregister if not registered
References:
https://www.spinics.net/lists/linux-usb/msg202228.html
https://lore.kernel.org/stable/20210928151544.270412-1-ovidiu.panait@windriver.com/
https://lore.kernel.org/stable/20210928143001.202223-1-ovidiu.panait@windriver.com/
https://lore.kernel.org/stable/20210928131523.2314252-1-ovidiu.panait@windriver.com/
https://ubuntu.com/security/CVE-2021-37159
https://bugzilla.suse.com/show_bug.cgi?id=1188601
Notes:
carnil> The original patch was not accepted:
carnil> https://www.spinics.net/lists/linux-usb/msg202313.html
carnil> and a fix probably never applied. Needs closer investigation.
carnil> The last commit is just a cleanup and not strictly necessary for the fix.
carnil> 5fcfb6d0bfcd ("hso: fix bailout in error case of probe") can be considered
carnil> a pre-requisite. This would be consistent with e.g. Ubuntu's triaging for
carnil> CVE-2021-37159 and SUSEs.
Bugs:
upstream: released (5.14-rc3) [a6ecfb39ba9d7316057cea823b196b734f6b18ca]
5.10-upstream-stable: released (5.10.54) [115e4f5b64ae8d9dd933167cafe2070aaac45849]
4.19-upstream-stable: released (4.19.209) [f6cf22a1ef49f8e131f99c3f5fd80ab6b23a2d21]
4.9-upstream-stable: released (4.9.290) [88b912e02d75bacbb957d817db70e6a54ea3a21c]
sid: released (5.14.6-1)
5.10-bullseye-security: released (5.10.70-1)
4.19-buster-security: released (4.19.208-1) [bugfix/all/usb-hso-fix-error-handling-code-of-hso_create_net_de.patch]
4.9-stretch-security: pending (4.9.290-1)
|
