blob: af0765beb19638b5c2c15b7b5afec855567314ef (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
Description: double-locking error in drivers/usb/dwc3/gadget.c may potentially cause a deadlock with f_hid
References:
Notes:
carnil> The issue (as the CVE is bound the drivers/usb/dwc3/gadget.c)
carnil> might be considered as fixed already solely by c91815b59624
carnil> ("usb: dwc3: gadget: never call ->complete() from ->ep_queue()").
carnil> There is a related commit 072684e8c58d ("USB: gadget: f_hid:
carnil> fix deadlock in f_hidg_write()") only present in 5.1-rc3 and
carnil> potential backports. The assignment seems though specific to
carnil> c91815b59624.
benh> Introduced in 4.10 by commit 15b8d9332b92 "usb: dwc3: gadget:
benh> giveback request if we can't kick it"
Bugs:
upstream: released (4.17-rc1) [c91815b596245fd7da349ecc43c8def670d2269e]
4.19-upstream-stable: N/A "Fixed before branching point"
4.9-upstream-stable: N/A "Vulnerability introduced later"
3.16-upstream-stable: N/A "Vulnerability introduced later"
sid: released (4.16.5-1)
4.19-buster-security: N/A "Fixed before branching point"
4.9-stretch-security: N/A "Vulnerability introduced later"
3.16-jessie-security: N/A "Vulnerability introduced later"
|
