Bug 1144918 - (CVE-2019-14763) VUL-1: CVE-2019-14763: kernel-source: double-locking error in drivers/usb/dwc3/gadget.c deadlock with f_hid.
(CVE-2019-14763)
VUL-1: CVE-2019-14763: kernel-source: double-locking error in drivers/usb/dwc...
Status: RESOLVED UPSTREAM
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P4 - Low : Minor
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/239226/
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2019-08-08 16:37 UTC by Alexandros Toptsoglou
Modified: 2019-08-09 14:38 UTC (History)
2 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Takashi Iwai 2019-08-08 17:45:15 UTC
dwc3 gadget driver isn't enabled in both SLE and Leap kernels, so basically we aren't affected.

FWIW, the commit 072684e8c58d17e853f8e8b9f6d9ce2e58d2b036 is already backported in SLE15 while c91815b596245fd7da349ecc43c8def670d2269e is blacklisted.

Reassigned back to security team.
Comment 2 Alexandros Toptsoglou 2019-08-09 07:27:59 UTC
(In reply to Takashi Iwai from comment #1)
> dwc3 gadget driver isn't enabled in both SLE and Leap kernels, so basically
> we aren't affected.
> 
> FWIW, the commit 072684e8c58d17e853f8e8b9f6d9ce2e58d2b036 is already
> backported in SLE15 while c91815b596245fd7da349ecc43c8def670d2269e is
> blacklisted.
> 
> Reassigned back to security team.

Thank you Takashi for your input. Closing as resolved upstream