HID: asus: fixes a use-after-free in asus_kbd_backlight_set() (!2388) · Merge requests · Red Hat / centos-stream / src / kernel / centos-stream-9

Ricardo Robaina requested to merge rrobaina/centos-stream-9:bz2186283 into main Apr 18, 2023

Bugzilla: https://bugzilla.redhat.com/2186283

CVE: CVE-2023-1079

Brew: https://brewweb.engineering.redhat.com/brew/taskinfo?taskID=52052079

This patch series fixes a use-after-free that may be triggered
in asus_kbd_backlight_set() when attaching/detaching a USB device.
It was used spinlocks to deal with workers, introducing wrapper
asus_schedule_work(), and several spinlock checks to fix this flaw.

1324275f (Ricardo Robaina)
HID: asus: use spinlock to safely schedule workers

661dbf9b (Ricardo Robaina)
HID: asus: use spinlock to protect concurrent accesses

drivers/hid/hid-asus.c | 37 ++++++++++++++++++++++++++++++++-----
1 file changed, 32 insertions(+), 5 deletions(-)

Signed-off-by: Ricardo Robaina rrobaina@redhat.com

Edited Apr 18, 2023 by Ricardo Robaina

HID: asus: fixes a use-after-free in asus_kbd_backlight_set()

Merge request reports