CVE-2022-1462: race condition vulnerability in drivers/tty/tty_buffers.c
From: Dan Carpenter
Date: Wed Jun 01 2022 - 14:35:07 EST
Hi Greg, Jiri,
I searched lore.kernel.org and it seemed like CVE-2022-1462 might not
have ever been reported to you? Here is the original email with the
syzkaller reproducer.
https://seclists.org/oss-sec/2022/q2/155
The reporter proposed a fix, but it won't work. Smatch says that some
of the callers are already holding the port->lock. For example,
sci_dma_rx_complete() will deadlock.
regards,
dan carpenter