path: root/active/CVE-2022-1280
Description: concurrency use-after-free between drm_setmaster_ioctl and drm_mode_getresources
References:
 https://www.openwall.com/lists/oss-security/2022/04/12/3
 https://bugzilla.redhat.com/show_bug.cgi?id=2071022
 https://bugzilla.suse.com/show_bug.cgi?id=1197914
 https://www.openwall.com/lists/oss-security/2022/04/12/4
Notes:
 carnil> Not a problem on 5.15.y and newer, but the list of commits needs
 carnil> to be isolated yet.
 carnil> Is the main fix 56f0729a510f ("drm: protect drm_master pointers
 carnil> in drm_lease.c")? Situation though is not very clear and what
 carnil> exactly is needed.
 bwh> I think most of these are fixing similar races even if some are not
 bwh> needed for the specific race in the description.  I don't think it
 bwh> makes any sense to backport them selectively.
Bugs:
upstream: released (5.13-rc6) [b436acd1cf7fac0ba987abd22955d98025c80c2b, c336a5ee984708db4826ef9e47d184e638e29717], released (5.15-rc1) [869e76f7a918f010bd4518d58886969b1f642a04, 5eff9585de220cdd131237f5665db5e6c6bdf590, 1f7ef07cfa14fb8557d1f1b7a14c76926142a4fb, 0b0860a3cf5eccf183760b1177a1dcdb821b0b66, 56f0729a510f92151682ff6c89f69724d5595d6e, 28be2405fb753927e18bc1a891617a430b2a0684, 2bc5da528dd570c5ecabc107e6fbdbc55974276f]
5.10-upstream-stable: released (5.10.44) [491d52e0078860b33b6c14f0a7ac74ca1b603bd6, aa8591a58cbd2986090709e4202881f18e8ae30e], released (5.10.67) [54e51d288b38377e8cd645a83e1ad08cc9d20ccc, 06a553a99bacb00d3bc25f79e75c8e0fbf7a5025, 34609faad0c9f9f08d4b59d25c94b78bf5710d93, d6c91423993e8164ca4162ff046c6437bbd75b53]
4.19-upstream-stable: released (4.19.195) [7d233ba700ceb593905ea82b42dadb4ec8ef85e9, a376f7e66b654cb290fa9d16d8dab5bfef744463], needed
4.9-upstream-stable: released (4.9.273) [8e250a134c8fe2a945d10b421d0ccb54e85d8683], needed
sid: released (5.15.3-1)
5.10-bullseye-security: needed
4.19-buster-security: needed
4.9-stretch-security: needed
