From: Shubham Kulkarni skulkarni@mvista.com
Hi Greg/All,
This patch series backports the fix for CVE-2023-33288 along with its 2 dependency commits to 5.4 stable kernel. These patches are already part of stable kernel v5.10.y and I have referred to those commits to generate this series for v5.4.
[CVE-2023-33288 - kernel: use-after-free in bq24190_remove in drivers/power/supply/bq24190_charger.c]
Patch 1: Dependency Patch #1 - mainline commit 1a37a0397116 (v5.9-rc1) Patch 2: Dependency Patch #2 - v5.10.y commit 18359b8e30c4 (v5.10.177) Patch 3: CVE-2023-33288 fix - v5.10.y commit 2b346876b931 (v5.10.177)
---
Dinghao Liu (1): power: supply: bq24190_charger: Fix runtime PM imbalance on error
Minghao Chi (1): power: supply: bq24190_charger: using pm_runtime_resume_and_get instead of pm_runtime_get_sync
Zheng Wang (1): power: supply: bq24190: Fix use after free bug in bq24190_remove due to race condition
drivers/power/supply/bq24190_charger.c | 60 +++++++++----------------- 1 file changed, 21 insertions(+), 39 deletions(-)