lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <ZyzpOJGb3UiGDWzR@hovoldconsulting.com>
Date: Thu, 7 Nov 2024 17:22:16 +0100
From: Johan Hovold <johan@...nel.org>
To: Qiu-ji Chen <chenqiuji666@...il.com>
Cc: gregkh@...uxfoundation.org, linux-usb@...r.kernel.org,
	linux-kernel@...r.kernel.org, baijiaju1990@...il.com
Subject: Re: [PATCH v2] USB: serial: ftdi_sio: Fix atomicity violation in
 get_serial_info()

On Thu, Nov 07, 2024 at 07:35:34PM +0800, Qiu-ji Chen wrote:
> Our static checker found a bug where set_serial_info() uses a mutex, but
> get_serial_info() does not. Fortunately, the impact of this is relatively
> minor. It doesn't cause a crash or any other serious issues. However, if a
> race condition occurs between set_serial_info() and get_serial_info(),
> there is a chance that the data returned by get_serial_info() will be
> inconsistent.
> 
> Signed-off-by: Qiu-ji Chen <chenqiuji666@...il.com>
> Fixes: 3ae36bed3a93 ("fdti_sio: switch to ->[sg]et_serial()")
> ---
> Similar issues have been submitted or confirmed: 
> https://lore.kernel.org/all/20241002125845.785464707@linuxfoundation.org/ 
> https://lore.kernel.org/all/20241106095819.15194-1-chenqiuji666@gmail.com/
> ---
> V2:
> Revised the description, placed the reference link below "---".
> Used the correct patch prefix.
> Thanks Johan Hovold for helpful suggestion.

Applied for -next, thanks.

Johan

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ