CVE-2022-3903

An invalid pipe direction in the mceusb driver cause the kernel to DOS

References

https://bugzilla.redhat.com/show_bug.cgi?id=2140985
https://lore.kernel.org/all/CAB7eexLLApHJwZfMQ=X-PtRhw0BgO+5KcSMS05FNUYejJXqtSA@mail.gmail.com/
https://lore.kernel.org/all/E1obysd-009Grw-He@www.linuxtv.org/

Notes

 carnil> Apparently the fix was already done in 6.0-rc4 with 608e58a0f461
 carnil> ("media: mceusb: Use new usb_control_msg_*() routines") but
 carnil> then changes lost and redone in 6.1-rc2. The former was
 carnil> backported to various stable series. I'm not sure what happened
 carnil> here.

Bugs

Status

Branch	Status
4.19-buster-security	needed
4.19-upstream-stable	needed
5.10-bullseye-security	released (5.10.148-1)
5.10-upstream-stable	released (5.10.142) [587f793c64d99d92be8ef01c4c69d885a3f2edb6]
6.1-bookworm-security	N/A "Fixed before branch point"
6.1-upstream-stable	N/A "Fixed before branch point"
6.6-upstream-stable	unknown
6.8-upstream-stable	unknown
sid	released (5.19.11-1)
upstream	released (6.1-rc2) [41fd1cb6151439b205ac7611883d85ae14250172]