[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <bc57c8b3-4334-4595-8b5a-5233316edcfb@rowland.harvard.edu>
Date: Tue, 6 Aug 2024 09:38:46 -0400
From: Alan Stern <stern@...land.harvard.edu>
To: LidongLI <wirelessdonghack@...il.com>
Cc: gregkh@...uxfoundation.org, kvalo@...nel.org,
linux-kernel@...r.kernel.org, linux-usb@...r.kernel.org,
linux-wireless@...r.kernel.org, mark.esler@...onical.com,
stf_xl@...pl
Subject: Re: Ubuntu RT2X00 WIFI USB Driver Kernel NULL pointer
Dereference&Use-After-Free Vulnerability
On Tue, Aug 06, 2024 at 09:59:04AM +0800, LidongLI wrote:
>
> Dear Greg,
>
> Thank you, Greg!
>
>
> Yes, as you mentioned, it requires users to create their own udev
> rules, which is not common among Ubuntu personal users. However, in
> some non-personal user scenarios, they must pre-add udev rules to meet
> their needs. A simple example: in some Ubuntu embedded Linux
> scenarios, we found that when starting a wireless hotspot, developers
> must configure udev rules to ensure a stable connection, enable
> auto-loading of drivers, or auto-run or write USB-based
> auto-configuration scripts.
>
> Alright, thank you for your fix. We will proceed to the email you
> specified to request a CVE.
LidongLI, are you able to test patches?
It looks like the driver does not properly shut down its async queues
when it unbinds. The best person to address this problem is the
driver's maintainer, Stanislaw Gruszka. Nevertheless, I can help by
suggesting things to test.
Alan Stern
Powered by blists - more mailing lists