Message-ID: <2025101453-backboned-shine-17b8@gregkh>
Date: Tue, 14 Oct 2025 07:26:41 +0200
From: Greg KH <gregkh@...uxfoundation.org>
To: Jiaming Zhang <r772577952@...il.com>
Cc: broonie@...nel.org, cryolitia@...ontech.com,
	linux-kernel@...r.kernel.org, linux-sound@...r.kernel.org,
	perex@...ex.cz, pierre-louis.bossart@...ux.dev,
	quic_wcheng@...cinc.com, syzkaller@...glegroups.com, tiwai@...e.com
Subject: Re: [PATCH] ALSA: usb-audio: Fix NULL pointer deference in
 try_to_register_card

On Tue, Oct 14, 2025 at 12:01:49PM +0800, Jiaming Zhang wrote:
> Hi Greg,
> 
> Thanks for the guidance. You're right, the root cause of this issue is
> that a USB audio device is created without a proper interface.
> 
> To fix this issue, I added a check for the NULL return value in
> try_to_register_card() before calling usb_interface_claimed().
> I have tested the patch with the reproducer on the latest version (v6.18-rc1),
> and the issue was not triggered again.
> 
> Please let me know if any changes are needed.
> 
> Best regards,
> Jiaming Zhang

Can you resend this without this text above the changelog comment?

> ---
> 
> In try_to_register_card(), the return value of usb_ifnum_to_if() is
> passed directly to usb_interface_claimed() without a NULL check, which
> will lead to a NULL pointer dereference when creating an invalid
> USB audio device. Fix this by adding a check to ensure the interface
> pointer is valid before passing it to usb_interface_claimed().
> 
> Reported-by: Jiaming Zhang <r772577952@...il.com>
> Signed-off-by: Jiaming Zhang <r772577952@...il.com>

And as you authored this, no need for "Reported-by:" :)

thanks,

greg k-h
