Re: Ubuntu RT2X00 WIFI USB Driver Kernel NULL pointer Dereference&Use-After-Free Vulnerability

From: Greg KH
Date: Tue Aug 06 2024 - 02:36:15 EST

Next message: Alistair Francis: "Re: [PATCH v11 3/4] PCI/DOE: Expose the DOE features via sysfs"
Previous message: Jamie Bainbridge: "[PATCH net v4] net-sysfs: check device is present when showing duplex"
In reply to: Greg KH: "Re: Ubuntu RT2X00 WIFI USB Driver Kernel NULL pointer Dereference&Use-After-Free Vulnerability"
Next in thread: Theodore Ts'o: "Re: Ubuntu RT2X00 WIFI USB Driver Kernel NULL pointer Dereference&Use-After-Free Vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Aug 06, 2024 at 11:54:33AM +0800, LidongLI wrote:
> Our requirement is to assign a CVE for this "bug" because it is an issue within the kernel. Since it is a problem, it poses a potential risk. Therefore, we believe it is necessary to address it accordingly.

I know your school professors are making this a requirement for you, but
that is not _our_ requirement here, sorry. Please work with your school
to find something else to work on.

> Because it involves a driver development error, we believe it is necessary and meaningful to address this issue.

I do not see the driver error yet, please submit a patch showing this
and we will be glad to review it.

thanks,

greg k-h

Next message: Alistair Francis: "Re: [PATCH v11 3/4] PCI/DOE: Expose the DOE features via sysfs"
Previous message: Jamie Bainbridge: "[PATCH net v4] net-sysfs: check device is present when showing duplex"
In reply to: Greg KH: "Re: Ubuntu RT2X00 WIFI USB Driver Kernel NULL pointer Dereference&Use-After-Free Vulnerability"
Next in thread: Theodore Ts'o: "Re: Ubuntu RT2X00 WIFI USB Driver Kernel NULL pointer Dereference&Use-After-Free Vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]