Re: [v6.1.52][PATCH] Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition

public inbox for stable@vger.kernel.org
 help / color / mirror / Atom feed

From: Greg KH <gregkh@linuxfoundation.org>
To: "Deepak Rathore -X (deeratho - E-INFO CHIPS INC at Cisco)" 
	<deeratho@cisco.com>
Cc: "salvatore.bonaccorso@gmail.com" <salvatore.bonaccorso@gmail.com>,
	"stable@vger.kernel.org" <stable@vger.kernel.org>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>
Subject: Re: [v6.1.52][PATCH] Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition
Date: Sun, 10 Sep 2023 07:59:06 +0100	[thread overview]
Message-ID: <2023091051-blaspheme-quack-c949@gregkh> (raw)
In-Reply-To: <DM4PR11MB6189F15AB7DFD11AA02A16C2C4F3A@DM4PR11MB6189.namprd11.prod.outlook.com>

On Sun, Sep 10, 2023 at 06:25:22AM +0000, Deepak Rathore -X (deeratho - E-INFO CHIPS INC at Cisco) wrote:
> -----Original Message-----
> From: Greg KH <gregkh@linuxfoundation.org> 
> Sent: Saturday, September 9, 2023 5:17 PM
> To: Deepak Rathore -X (deeratho - E-INFO CHIPS INC at Cisco) <deeratho@cisco.com>
> Cc: stable@vger.kernel.org; linux-kernel@vger.kernel.org
> Subject: Re: [v6.1.52][PATCH] Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition
> 
> On Sat, Sep 09, 2023 at 08:49:52AM +0000, Deepak Rathore -X (deeratho - E-INFO CHIPS INC at Cisco) wrote:
> > -----Original Message-----
> > From: Greg KH <gregkh@linuxfoundation.org>
> > Sent: Friday, September 8, 2023 12:39 PM
> > To: Deepak Rathore -X (deeratho - E-INFO CHIPS INC at Cisco) 
> > <deeratho@cisco.com>
> > Cc: stable@vger.kernel.org; linux-kernel@vger.kernel.org
> > Subject: Re: [v6.1.52][PATCH] Bluetooth: btsdio: fix use after free 
> > bug in btsdio_remove due to race condition
> > 
> > > A: http://en.wikipedia.org/wiki/Top_post
> > > Q: Were do I find info about this thing called top-posting?
> > > A: Because it messes up the order in which people normally read text.
> > > Q: Why is top-posting such a bad thing?
> > > A: Top-posting.
> > > Q: What is the most annoying thing in e-mail?
> > 
> > > A: No.
> > > Q: Should I include quotations after my reply?
> > 
> > 
> > > http://daringfireball.net/2007/07/on_top
> > 
> > On Fri, Sep 08, 2023 at 06:54:06AM +0000, Deepak Rathore -X (deeratho - E-INFO CHIPS INC at Cisco) wrote:
> > > Hi Greg,
> > > 
> > > This change is required to fix kernel CVE: CVE-2023-1989 which is 
> > > reported in v6.1 kernel version.
> > 
> > > Which change?
> > 
> > [Deepak]: I am referring below change. This below change is required to fix kernel CVE: CVE-2023-1989 which is reported in v6.1 kernel.
> > 
> > Subject: [v6.1.52][PATCH] Bluetooth: btsdio: fix use after free bug in 
> > btsdio_remove due to race condition
> > 
> > From: Zheng Wang <zyytlz.wz@163.com>
> > 
> > [ Upstream commit 73f7b171b7c09139eb3c6a5677c200dc1be5f318 ]
> 
> > This commit is already in the 6.1.52 kernel release, why do you want it included again?
> 
> > confused,
> 
> > greg k-h
> 
> Hi Greg, Salvatore,
> 
> When I have submitted this patch for review, at that time, 6.1.52 was not released.
> 
> It will be good if you can share me guideline or details like how I
> can share CVE fix patch to upstream for review like what details I
> need to include in patch for review so from next time, we can save
> time in query discussion.

Why does the random assignment of a CVE number mean anything should be
done differently than the normal process of getting a stable patch
merged?

You have read:
    https://www.kernel.org/doc/html/latest/process/stable-kernel-rules.html

right?

That should cover it.

thanks,

greg k-h

next prev parent reply	other threads:[~2023-09-10  6:59 UTC|newest]

Thread overview: 16+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2023-09-06 12:15 [v6.1.52][PATCH] Bluetooth: btsdio: fix use after free bug in btsdio_remove due to race condition Deepak Rathore
2023-09-06 12:20 ` kernel test robot
2023-09-07 10:16 ` Greg KH
2023-09-08  4:18   ` Deepak Rathore -X (deeratho - E-INFO CHIPS INC at Cisco)
2023-09-08  6:06     ` Deepak Rathore -X (deeratho - E-INFO CHIPS INC at Cisco)
2023-09-08  6:48       ` Greg KH
2023-09-08  6:54         ` Deepak Rathore -X (deeratho - E-INFO CHIPS INC at Cisco)
2023-09-08  7:08           ` Greg KH
2023-09-09  8:49             ` Deepak Rathore -X (deeratho - E-INFO CHIPS INC at Cisco)
2023-09-09 11:22               ` Salvatore Bonaccorso
2023-09-09 11:47               ` Greg KH
2023-09-10  6:25                 ` Deepak Rathore -X (deeratho - E-INFO CHIPS INC at Cisco)
2023-09-10  6:59                   ` Greg KH [this message]
2023-09-10 20:25 ` Greg KH
2023-09-11 13:17   ` Deepak Rathore -X (deeratho - E-INFO CHIPS INC at Cisco)
2023-09-11 13:23     ` Greg KH

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=2023091051-blaspheme-quack-c949@gregkh \
    --to=gregkh@linuxfoundation.org \
    --cc=deeratho@cisco.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=salvatore.bonaccorso@gmail.com \
    --cc=stable@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox