This is a note to let you know that I've just added the patch titled gadgetfs: fix uninitialized variable in error handling to the 3.18-stable tree which can be found at: http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary The filename of the patch is: gadgetfs-fix-uninitialized-variable-in-error-handling.patch and it can be found in the queue-3.18 subdirectory. If you, or anyone else, feels it should not be added to the stable tree, please let <stable@xxxxxxxxxxxxxxx> know about it. >From arnd@xxxxxxxx Thu Apr 27 11:56:31 2017 From: Arnd Bergmann <arnd@xxxxxxxx> Date: Fri, 21 Apr 2017 15:06:12 +0200 Subject: gadgetfs: fix uninitialized variable in error handling To: stable@xxxxxxxxxxxxxxx Cc: gregkh@xxxxxxxxxxxxxxxxxxx, Arnd Bergmann <arnd@xxxxxxxx>, Felipe Balbi <balbi@xxxxxx>, Bin Liu <b-liu@xxxxxx>, Sasha Levin <sasha.levin@xxxxxxxxxx>, linux-usb@xxxxxxxxxxxxxxx, linux-kernel@xxxxxxxxxxxxxxx Message-ID: <20170421130623.2668561-1-arnd@xxxxxxxx> From: Arnd Bergmann <arnd@xxxxxxxx> gcc warns about a bug in 3.18.y: drivers/usb/gadget/legacy/inode.c:648:10: warning: 'value' may be used This is caused by the backport of f01d35a15fa0416 from 4.0 to 3.18: c81fc59be42c6e0 gadgetfs: use-after-free in ->aio_read() The backported patch was buggy, but the mainline code was rewritten in a larger patch directly following this one in a way that fixed the bug. For stable, we should need only a one-line change to make sure we return an proper error code. It is very unlikely that anybody ever ran into the out-of-memory case here in practice, but the compiler is right in theory. Fixes: c81fc59be42c ("gadgetfs: use-after-free in ->aio_read()") Signed-off-by: Arnd Bergmann <arnd@xxxxxxxx> Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> --- drivers/usb/gadget/legacy/inode.c | 1 + 1 file changed, 1 insertion(+) --- a/drivers/usb/gadget/legacy/inode.c +++ b/drivers/usb/gadget/legacy/inode.c @@ -654,6 +654,7 @@ fail: GFP_KERNEL); if (!priv->iv) { kfree(priv); + value = -ENOMEM; goto fail; } } Patches currently in stable-queue which might be from arnd@xxxxxxxx are queue-3.18/acpi-power-avoid-maybe-uninitialized-warning.patch queue-3.18/gadgetfs-fix-uninitialized-variable-in-error-handling.patch queue-3.18/clk-at91-usb-fix-determine_rate-prototype-again.patch queue-3.18/arm-psci-fix-header-file.patch queue-3.18/dm-bufio-hide-bogus-warning.patch