Commit 55cd084
Herton R. Krzesinski
Merge: CVE-2022-43750 kernel: memory corruption in usbmon driver
MR: https://gitlab.com/redhat/centos-stream/src/kernel/centos-stream-9/-/merge_requests/2015
## BUGZILLA
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=2157698
## UPSTREAM STATUS
Upstream Status: Patch has been accepted on kernel/git/torvalds/linux.git
## CVE
CVE: CVE-2022-43750
## CONFLICTS
None
## BUILD INFORMATION
Build Info: https://brewweb.engineering.redhat.com/brew/taskinfo?taskID=50474173
## TESTING
Functional testing: TBD
Smoke test:
# modinfo usbmon
name: usbmon
filename: (builtin)
license: GPL
file: drivers/usb/mon/usbmon
# uname -r
5.14.0-255.rh2157698.el9.x86_64
# cat /etc/redhat-release
Red Hat Enterprise Linux release 9.1 (Plow)
# rpm -q --changelog kernel-5.14.0-255.rh2157698.el9.x86_64 | head -n2
* Thu Feb 02 2023 Desnes Nunes <desnesn@redhat.com> [5.14.0-255.rh2157698.el9]
- usb: mon: make mmapped memory read only (Desnes Nunes)
# lscpu | grep -m1 "Model name"
Model name: Intel(R) Xeon(R) Platinum 8360Y CPU @ 2.40GHz
# dmidecode | grep -A3 '^System Information'
System Information
Manufacturer: Intel Corporation
Product Name: M50CYP2SB2U
Version: ....................
## DESCRIPTION
This fixes CVE-2022-43750 that causes memory corruption in the usbmon driver.
This currently happens due to the possibility of /dev/usbmon memory being mmap
to user space, which will lead to a kernel crash.
Signed-off-by: Desnes Nunes <desnesn@redhat.com>
Approved-by: John B. Wyatt IV <jwyatt@redhat.com>
Approved-by: Dean Nelson <dnelson@redhat.com>
Approved-by: Torez Smith <torez@redhat.com>
Signed-off-by: Herton R. Krzesinski <herton@redhat.com>1 file changed
+5
-0
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1268 | 1268 | | |
1269 | 1269 | | |
1270 | 1270 | | |
| 1271 | + | |
| 1272 | + | |
| 1273 | + | |
| 1274 | + | |
| 1275 | + | |
1271 | 1276 | | |
1272 | 1277 | | |
1273 | 1278 | | |
| |||
0 commit comments