Draft: CVE-2024-35812: usb: cdc-wdm: close race between read and workqueue (!4580) · Merge requests · Red Hat / centos-stream / src / kernel / centos-stream-9

CKI Backport Bot requested to merge redhat/red-hat-ci-tools/kernel/bot-branches/centos-stream-9:backport-RHEL-36960-centos-stream-9-main into main Jun 25, 2024

JIRA: https://issues.redhat.com/browse/RHEL-36960
CVE: CVE-2024-35812

usb: cdc-wdm: close race between read and workqueue

wdm_read() cannot race with itself. However, in
service_outstanding_interrupt() it can race with the
workqueue, which can be triggered by error handling.

Hence we need to make sure that the WDM_RESPONDING
flag is not just only set but tested.

Fixes: afba937e540c9 ("USB: CDC WDM driver")
Cc: stable <stable@kernel.org>
Signed-off-by: Oliver Neukum <oneukum@suse.com>
Link: https://lore.kernel.org/r/20240314115132.3907-1-oneukum@suse.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
(cherry picked from commit 339f83612f3a569b194680768b22bf113c26a29d)

Signed-off-by: cki-backport-bot cki-ci-bot+cki-gitlab-backport-bot@redhat.com

Draft: CVE-2024-35812: usb: cdc-wdm: close race between read and workqueue

Merge request reports