CVE-2022-50568

*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> usb: gadget: f_hid: fix f_hidg lifetime vs cdev<br /> <br /> The embedded struct cdev does not have its lifetime correctly tied to<br /> the enclosing struct f_hidg, so there is a use-after-free if /dev/hidgN<br /> is held open while the gadget is deleted.<br /> <br /> This can readily be replicated with libusbgx&amp;#39;s example programs (for<br /> conciseness - operating directly via configfs is equivalent):<br /> <br /> gadget-hid<br /> exec 3 /dev/hidg0<br /> gadget-vid-pid-remove<br /> exec 3