Bug 1144918 – VUL-1: CVE-2019-14763: kernel-source: double-locking error in drivers/usb/dwc3/gadget.c deadlock with f_hid.

Bug 1144918 - (CVE-2019-14763) VUL-1: CVE-2019-14763: kernel-source: double-locking error in drivers/usb/dwc3/gadget.c deadlock with f_hid.

(CVE-2019-14763)
Summary:	VUL-1: CVE-2019-14763: kernel-source: double-locking error in drivers/usb/dwc...

Status:	RESOLVED UPSTREAM

Classification:	Novell Products
Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents
Version:	unspecified
Hardware:	Other Other

Priority:	P4 - Low Severity: Minor
Target Milestone:	---
Assigned To:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/239226/
Whiteboard:
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Create test case

Clone This Bug

Reported:	2019-08-08 16:37 UTC by Alexandros Toptsoglou
Modified:	2019-08-09 14:38 UTC (History)
CC List:	2 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Alexandros Toptsoglou 2019-08-08 16:37:05 UTC

CVE-2019-14763

In the Linux kernel before 4.16.4, a double-locking error in
drivers/usb/dwc3/gadget.c may potentially cause a deadlock with f_hid.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-14763
http://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-14763.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14763
http://www.cvedetails.com/cve/CVE-2019-14763/
https://www.spinics.net/lists/linux-usb/msg167355.html
https://github.com/torvalds/linux/commit/c91815b596245fd7da349ecc43c8def670d2269e
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.16.4
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c91815b596245fd7da349ecc43c8def670d2269e
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=072684e8c58d17e853f8e8b9f6d9ce2e58d2b036
https://github.com/torvalds/linux/commit/072684e8c58d17e853f8e8b9f6d9ce2e58d2b036
https://www.spinics.net/lists/linux-usb/msg167393.html

Comment 1 Takashi Iwai 2019-08-08 17:45:15 UTC

dwc3 gadget driver isn't enabled in both SLE and Leap kernels, so basically we aren't affected.

FWIW, the commit 072684e8c58d17e853f8e8b9f6d9ce2e58d2b036 is already backported in SLE15 while c91815b596245fd7da349ecc43c8def670d2269e is blacklisted.

Reassigned back to security team.

Comment 2 Alexandros Toptsoglou 2019-08-09 07:27:59 UTC

(In reply to Takashi Iwai from comment #1)
> dwc3 gadget driver isn't enabled in both SLE and Leap kernels, so basically
> we aren't affected.
> 
> FWIW, the commit 072684e8c58d17e853f8e8b9f6d9ce2e58d2b036 is already
> backported in SLE15 while c91815b596245fd7da349ecc43c8def670d2269e is
> blacklisted.
> 
> Reassigned back to security team.

Thank you Takashi for your input. Closing as resolved upstream