Re: [v6.1.52][PATCH] Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition

From: Greg KH
Date: Sun Sep 10 2023 - 02:59:14 EST

Next message: Kasireddy, Vivek: "RE: [syzbot] [mm?] kernel BUG in filemap_unaccount_folio"
Previous message: Biju Das: "[PATCH v3] regulator: max20086: Drop ID table"
In reply to: Deepak Rathore -X (deeratho - E-INFO CHIPS INC at Cisco): "RE: [v6.1.52][PATCH] Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition"
Next in thread: Greg KH: "Re: [v6.1.52][PATCH] Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sun, Sep 10, 2023 at 06:25:22AM +0000, Deepak Rathore -X (deeratho - E-INFO CHIPS INC at Cisco) wrote:
> -----Original Message-----
> From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
> Sent: Saturday, September 9, 2023 5:17 PM
> To: Deepak Rathore -X (deeratho - E-INFO CHIPS INC at Cisco) <deeratho@xxxxxxxxx>
> Cc: stable@xxxxxxxxxxxxxxx; linux-kernel@xxxxxxxxxxxxxxx
> Subject: Re: [v6.1.52][PATCH] Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition
>
> On Sat, Sep 09, 2023 at 08:49:52AM +0000, Deepak Rathore -X (deeratho - E-INFO CHIPS INC at Cisco) wrote:
> > -----Original Message-----
> > From: Greg KH <gregkh@xxxxxxxxxxxxxxxxxxx>
> > Sent: Friday, September 8, 2023 12:39 PM
> > To: Deepak Rathore -X (deeratho - E-INFO CHIPS INC at Cisco)
> > <deeratho@xxxxxxxxx>
> > Cc: stable@xxxxxxxxxxxxxxx; linux-kernel@xxxxxxxxxxxxxxx
> > Subject: Re: [v6.1.52][PATCH] Bluetooth: btsdio: fix use after free
> > bug in btsdio_remove due to race condition
> >
> > > A: http://en.wikipedia.org/wiki/Top_post
> > > Q: Were do I find info about this thing called top-posting?
> > > A: Because it messes up the order in which people normally read text.
> > > Q: Why is top-posting such a bad thing?
> > > A: Top-posting.
> > > Q: What is the most annoying thing in e-mail?
> >
> > > A: No.
> > > Q: Should I include quotations after my reply?
> >
> >
> > > http://daringfireball.net/2007/07/on_top
> >
> > On Fri, Sep 08, 2023 at 06:54:06AM +0000, Deepak Rathore -X (deeratho - E-INFO CHIPS INC at Cisco) wrote:
> > > Hi Greg,
> > >
> > > This change is required to fix kernel CVE: CVE-2023-1989 which is
> > > reported in v6.1 kernel version.
> >
> > > Which change?
> >
> > [Deepak]: I am referring below change. This below change is required to fix kernel CVE: CVE-2023-1989 which is reported in v6.1 kernel.
> >
> > Subject: [v6.1.52][PATCH] Bluetooth: btsdio: fix use after free bug in
> > btsdio_remove due to race condition
> >
> > From: Zheng Wang <zyytlz.wz@xxxxxxx>
> >
> > [ Upstream commit 73f7b171b7c09139eb3c6a5677c200dc1be5f318 ]
>
> > This commit is already in the 6.1.52 kernel release, why do you want it included again?
>
> > confused,
>
> > greg k-h
>
> Hi Greg, Salvatore,
>
> When I have submitted this patch for review, at that time, 6.1.52 was not released.
>
> It will be good if you can share me guideline or details like how I
> can share CVE fix patch to upstream for review like what details I
> need to include in patch for review so from next time, we can save
> time in query discussion.

Why does the random assignment of a CVE number mean anything should be
done differently than the normal process of getting a stable patch
merged?

You have read:
https://www.kernel.org/doc/html/latest/process/stable-kernel-rules.html

right?

That should cover it.

thanks,

greg k-h

Next message: Kasireddy, Vivek: "RE: [syzbot] [mm?] kernel BUG in filemap_unaccount_folio"
Previous message: Biju Das: "[PATCH v3] regulator: max20086: Drop ID table"
In reply to: Deepak Rathore -X (deeratho - E-INFO CHIPS INC at Cisco): "RE: [v6.1.52][PATCH] Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition"
Next in thread: Greg KH: "Re: [v6.1.52][PATCH] Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]