On Mon, 2024-11-18 at 17:51 +0800, Markus Rechberger wrote: > On Mon, 2024-11-18 at 11:36 +0200, Mathias Nyman wrote: > > Hi > > > > On 17.11.2024 17.32, Sundtek wrote: > > > This patch fixes a NULL Pointer exception when a device using the > > > XHCI > > > controller driver is not properly initialized. It's relatively > > > easy > > > to > > > reproduce with a faulty connection to a USB Harddisk / USB > > > Ethernet > > > adapter. > > > The way I used for testing this patch was to short USB D+/D- and > > > pull > > > them to ground. > > > > > > We manufacture our own USB devices and use Linux for testing, > > > lately we > > > upgraded the system to Ubuntu noble with Kernel 6.8.0 and our > > > system > > > also crashed multiple times just when plugging in some devices > > > (no > > > commands need to be executed). > > > We connect/disconnect devices > 100 times (eg uploading firmware, > > > do > > > electrical tests etc). > > > > > > I would rate this issue as highly critical. > > > The problem is triggered via some fallback code in hub.c, a > > > second > > > patch will follow which > > > removes the endpoint reset in the particular fallback. > > > > > > > > > > 2024-11-16T22:14:12.122224+08:00 sundtek-UX32VD kernel: RIP: > > > 0010:xhci_check_bw_table+0x100/0x4d0 > > > > This looks very similar to a null pointer issue I fixed recently. > > Patch should be in 6.11 and recent stable releases: > > > > af8e119f52e9 xhci: Fix Panther point NULL pointer deref at full- > > speed > > re-enumeration > > > > What kernel are you running? > > > thanks for pointing out to that, I was testing this on Linux 6.8.12. > I will recompile the latest kernel and double check. > > your one: > [46711.125623] Workqueue: usb_hub_wq hub_event [usbcore] > [46711.125668] RIP: 0010:xhci_reserve_bandwidth > (drivers/usb/host/xhci.c > > vs my one: > kernel: Workqueue: usb_hub_wq hub_event > kernel: RIP: 0010:xhci_check_bw_table+0x100/0x4d0 > > https://sundtek.de/support/uxvd32.txt I just added your patch to 6.8.10 / 6.8.12 it also fixes the problem. CVE: https://www.cve.org/CVERecord/?id=CVE-2024-45006 Nothing to do for me here great. the issue is resolved but needs to be addressed by the distributions now. Ubuntu is currently shipping their stable kernel with this critical bug. Best Regards, Markus