Updated: 2024-11-24 04:47:37.614646
Description:
In the Linux kernel, the following vulnerability has been resolved: Input: appletouch - initialize work before device registration Syzbot has reported warning in __flush_work(). This warning is caused by work->func == NULL, which means missing work initialization. This may happen, since input_dev->close() calls cancel_work_sync(&dev->work), but dev->work initalization happens _after_ input_register_device() call. So this patch moves dev->work initialization before registering input device
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | 0 | |
| CVSS Version 3.x | MEDIUM | 5.5 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| AlmaLinux 9.2 ESU | kernel | 5.14.0 | 5.5 | MEDIUM | Already Fixed | 2024-04-11 10:03:17 | ||
| CentOS 6 ELS | kernel | 2.6.32 | 5.5 | MEDIUM | Ignored | 2024-04-11 10:03:18 | ||
| CentOS 7 ELS | kernel | 3.10.0 | 5.5 | MEDIUM | Released | CLSA-2024:1720468480 | 2024-07-23 17:23:20 | |
| CentOS 8.4 ELS | kernel | 4.18.0 | 5.5 | MEDIUM | Ignored | 2024-04-11 10:03:15 | ||
| CentOS 8.5 ELS | kernel | 4.18.0 | 5.5 | MEDIUM | Ignored | 2024-04-11 10:03:16 | ||
| CloudLinux 6 ELS | kernel | 2.6.32 | 5.5 | MEDIUM | Ignored | 2024-04-11 10:03:18 | ||
| Oracle Linux 6 ELS | kernel | 2.6.32 | 5.5 | MEDIUM | Ignored | 2024-04-11 11:09:20 | ||
| RHEL 7 ELS | kernel | 3.10.0 | 5.5 | MEDIUM | Released | CLSA-2025:1750353839 | 2025-06-20 13:31:48 | |
| Ubuntu 16.04 ELS | linux | 4.4.0 | 5.5 | MEDIUM | Released | CLSA-2024:1713790844 | 2024-04-22 10:01:36 | |
| Ubuntu 16.04 ELS | linux-hwe | 4.15.0 | 5.5 | MEDIUM | Already Fixed | 2024-04-11 10:03:49 |