Re: Ubuntu RT2X00 WIFI USB Driver Kernel NULL pointer Dereference&Use-After-Free Vulnerability
From: LidongLI
Date: Tue Aug 06 2024 - 22:12:13 EST
Dear
Yes, dev.reset does indeed require root privileges, but what we find abnormal is, as I noted in the POC, a normal reset is not problematic. However, after time.sleep(0.1), it triggers some issues.
import usb.core
dev = usb.core.find(idVendor=0xb58e, idProduct=0x0005)
time.sleep(0.1) # It actually needs a sleep of 0.1 or 0.2 seconds to take effect; otherwise, it follows normal development logic. For example, when there is an exception error like 'resource busy', a dev.reset is required.
dev.reset()
Thank you for your response. Yes, I am able to test patches. Please provide the necessary patches, and I will conduct the tests to verify their effectiveness.
Best regards