First published: Tue Feb 27 2024(Updated: )
In the Linux kernel, the following vulnerability has been resolved: Input: appletouch - initialize work before device registration Syzbot has reported warning in __flush_work(). This warning is caused by work->func == NULL, which means missing work initialization. This may happen, since input_dev->close() calls cancel_work_sync(&dev->work), but dev->work initalization happens _after_ input_register_device() call. So this patch moves dev->work initialization before registering input device
Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 416baaa9-dc9f-4396-8d5f-8c081fb06d67
Affected Software | Affected Version | How to fix |
---|---|---|
Linux Linux kernel | >=2.6.23<4.4.298 | |
Linux Linux kernel | >=4.5.0<4.9.296 | |
Linux Linux kernel | >=4.10.0<4.14.261 | |
Linux Linux kernel | >=4.15.0<4.19.224 | |
Linux Linux kernel | >=4.20.0<5.4.170 | |
Linux Linux kernel | >=5.5.0<5.10.90 | |
Linux Linux kernel | >=5.11.0<5.15.13 | |
debian/linux | 5.10.223-1 5.10.226-1 6.1.115-1 6.1.119-1 6.11.9-1 6.11.10-1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.