"value":"In the Linux kernel, the following vulnerability has been resolved:\n\nASoC: rt5645: Fix errorenous cleanup order\n\nThere is a logic error when removing rt5645 device as the function\nrt5645_i2c_remove() first cancel the &rt5645->jack_detect_work and\ndelete the &rt5645->btn_check_timer latter. However, since the timer\nhandler rt5645_btn_check_callback() will re-queue the jack_detect_work,\nthis cleanup order is buggy.\n\nThat is, once the del_timer_sync in rt5645_i2c_remove is concurrently\nrun with the rt5645_btn_check_callback, the canceled jack_detect_work\nwill be rescheduled again, leading to possible use-after-free.\n\nThis patch fix the issue by placing the del_timer_sync function before\nthe cancel_delayed_work_sync."
"value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ASoC: rt5645: Se corrige el orden de depuraci\u00f3n err\u00f3neo Hay un error l\u00f3gico al eliminar el dispositivo rt5645, ya que la funci\u00f3n rt5645_i2c_remove() primero cancela &rt5645->jack_detect_work y elimina &rt5645->btn_check_timer despu\u00e9s. Sin embargo, dado que el controlador del temporizador rt5645_btn_check_callback() volver\u00e1 a poner en cola jack_detect_work, este orden de limpieza tiene errores. Es decir, una vez que del_timer_sync en rt5645_i2c_remove se ejecuta simult\u00e1neamente con rt5645_btn_check_callback, el jack_detect_work cancelado se reprogramar\u00e1 nuevamente, lo que provocar\u00e1 un posible use-after-free. Este parche soluciona el problema colocando la funci\u00f3n del_timer_sync antes de cancel_delayed_work_sync."
