Re: Ubuntu RT2X00 WIFI USB Driver Kernel NULL pointer Dereference&Use-After-Free Vulnerability

On Wed, Aug 07, 2024 at 12:47:26AM +0800, color Ice wrote:
> Hi,
> 
> I'm glad that you can address this issue. I believe that this is indeed a
> vulnerability because the issue is caused by the rt2x00 driver's failure to
> properly shut down its async queues. While it requires sudo to execute, it
> is still a problem as it can trigger a kernel system exception. We can
> imagine that this vulnerability could be executed without root permissions
> in certain scenarios. For instance, in many embedded systems, configuring
> udev rules might be necessary to ensure automated operations, and in such
> scenarios, it can be triggered without root permissions.
> 
> Therefore, I believe that from a vulnerability perspective, it should
> indeed be eligible for a CVE, as it can be fixed and it is indeed a flaw.
> If this vulnerability is not addressed, future driver processing and
> adaptation may encounter robustness and security issues. I believe security
> issues should be handled with the corresponding seriousness.
> 
> Thank you.

You didn't answer my question.  Are you able to test patches?

Alan Stern



