On Mon, 2021-12-13 at 15:19 +0100, Greg Kroah-Hartman wrote: > On Thu, Dec 09, 2021 at 11:14:24AM +0800, Chunfeng Yun wrote: > > This is caused by uninitialization of list_head. > > > > BUG: KASAN: use-after-free in __list_del_entry_valid+0x34/0xe4 > > > > Call trace: > > dump_backtrace+0x0/0x298 > > show_stack+0x24/0x34 > > dump_stack+0x130/0x1a8 > > print_address_description+0x88/0x56c > > __kasan_report+0x1b8/0x2a0 > > kasan_report+0x14/0x20 > > __asan_load8+0x9c/0xa0 > > __list_del_entry_valid+0x34/0xe4 > > mtu3_req_complete+0x4c/0x300 [mtu3] > > mtu3_gadget_stop+0x168/0x448 [mtu3] > > usb_gadget_unregister_driver+0x204/0x3a0 > > unregister_gadget_item+0x44/0xa4 > > > > Reported-by: Yuwen Ng <yuwen.ng@xxxxxxxxxxxx> > > Signed-off-by: Chunfeng Yun <chunfeng.yun@xxxxxxxxxxxx> > > --- > > drivers/usb/mtu3/mtu3_gadget.c | 1 + > > 1 file changed, 1 insertion(+) > > What commit does this fix? Should it go to stable kernels? I add it in next version, thanks > > thanks, > > greg k-h
