Re: [PATCH 3.19 091/123] gadgetfs: use-after-free in ->aio_read()
From: Greg Kroah-Hartman
Date: Wed Mar 25 2015 - 04:34:07 EST
On Tue, Mar 24, 2015 at 07:06:56PM +0100, Alexander Holler wrote:
> Am 24.03.2015 um 18:58 schrieb Greg Kroah-Hartman:
> >On Tue, Mar 24, 2015 at 06:30:17PM +0100, Alexander Holler wrote:
> >>Am 24.03.2015 um 16:46 schrieb Greg Kroah-Hartman:
> >>>3.19-stable review patch. If anyone has any objections, please let me know.
> >>>
> >>>------------------
> >>>
> >>>From: Al Viro <viro@xxxxxxxxxxxxxxxxxx>
> >>>
> >>>commit f01d35a15fa04162a58b95970fc01fa70ec9dacd upstream.
> >>
> >>Just what I've thought. Please see
> >>
> >>https://lkml.org/lkml/2015/3/15/5
> >
> >I have no idea what you are asking me to do here, please be specific.
>
> In order to not become blamed for mangling some language, here's a machine
> generated output:
>
> ------
> wandq linux # git co -b t v3.19.2
> Switched to a new branch 't'
> wandq linux # git am /tmp/\[PATCH\ 3.19\ 091_123\]\ gadgetfs\:\
> use-after-free\ in\ -\>aio_read\(\).eml
> Applying: gadgetfs: use-after-free in ->aio_read()
> wandq linux # make drivers/usb/gadget/legacy/gadgetfs.ko
> (...)
> CALL scripts/checksyscalls.sh
> CC [M] drivers/usb/gadget/legacy/inode.o
> drivers/usb/gadget/legacy/inode.c: In function 'ep_aio_rwtail':
> drivers/usb/gadget/legacy/inode.c:642:12: warning: 'value' may be used
> uninitialized in this function [-Wmaybe-uninitialized]
> ssize_t value;
> ^
> LD [M] drivers/usb/gadget/legacy/gadgetfs.o
> (...)
> ------
Is there a specific patch that is in Linus's tree that fixes this issue
that I should be applying to the stable tree?
thanks,
greg k-h
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/