Re: Ubuntu RT2X00 WIFI USB Driver Kernel NULL pointer Dereference&Use-After-Free Vulnerability
From: Greg KH
Date: Mon Aug 05 2024 - 02:55:26 EST
On Mon, Aug 05, 2024 at 10:20:30AM +0800, LidongLI wrote:
> Hi Greg,
>
> We tried it, and after configuring the udev rules, I can run the proof of concept (PoC) and reproduce the previous issue without using sudo
>
What did you do exactly with a new udev rule? Did you give it userspace
permission to unbind/reset the device?
As it is today, this requires root permissions and it looks to just be a
race with the existing kernel driver setting the device up and userspace
trying to reset the device at the same time, not anything that can
normally happen in a system from what I can tell.
thanks,
greg k-h