mbox series

[SRU,Mantic,0/1] CVE-2024-26599

Message ID 20240304203718.25418-1-bethany.jamison@canonical.com
Headers show
Series CVE-2024-26599 | expand

Message

Bethany Jamison March 4, 2024, 8:37 p.m. UTC 
[Impact]

In the Linux kernel, the following vulnerability has been resolved:

pwm: Fix out-of-bounds access in of_pwm_single_xlate()

With args->args_count == 2 args->args[2] is not defined. Actually the
flags are contained in args->args[1].

[Fix]

Mantic: Clean cherry-pick.

[Test Case]

Compile and boot tested.

[Where problems could occur]

Likelihood of regression is low and would only affect those
using PWM interface.

Uwe Kleine-König (1):
  pwm: Fix out-of-bounds access in of_pwm_single_xlate()

 drivers/pwm/core.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Kevin Becker March 4, 2024, 9:22 p.m. UTC | #1 
On Mon, Mar 4, 2024 at 3:38 PM Bethany Jamison
<bethany.jamison@canonical.com> wrote:
>
> [Impact]
>
> In the Linux kernel, the following vulnerability has been resolved:
>
> pwm: Fix out-of-bounds access in of_pwm_single_xlate()
>
> With args->args_count == 2 args->args[2] is not defined. Actually the
> flags are contained in args->args[1].
>
> [Fix]
>
> Mantic: Clean cherry-pick.
>
> [Test Case]
>
> Compile and boot tested.
>
> [Where problems could occur]
>
> Likelihood of regression is low and would only affect those
> using PWM interface.
>
> Uwe Kleine-König (1):
>   pwm: Fix out-of-bounds access in of_pwm_single_xlate()
>
>  drivers/pwm/core.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> --
> 2.34.1
>
>
> --
> kernel-team mailing list
> kernel-team@lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team

Acked-by: Kevin Becker <kevin.becker@canonical.com>
Roxana Nicolescu March 5, 2024, 12:46 p.m. UTC | #2 
On 04/03/2024 21:37, Bethany Jamison wrote:
> [Impact]
>
> In the Linux kernel, the following vulnerability has been resolved:
>
> pwm: Fix out-of-bounds access in of_pwm_single_xlate()
>
> With args->args_count == 2 args->args[2] is not defined. Actually the
> flags are contained in args->args[1].
>
> [Fix]
>
> Mantic: Clean cherry-pick.
>
> [Test Case]
>
> Compile and boot tested.
>
> [Where problems could occur]
>
> Likelihood of regression is low and would only affect those
> using PWM interface.
>
> Uwe Kleine-König (1):
>    pwm: Fix out-of-bounds access in of_pwm_single_xlate()
>
>   drivers/pwm/core.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
>
Acked-by: Roxana Nicolescu <roxana.nicolescu@canonical.com>
Roxana Nicolescu March 5, 2024, 2:24 p.m. UTC | #3 
On 04/03/2024 21:37, Bethany Jamison wrote:
> [Impact]
>
> In the Linux kernel, the following vulnerability has been resolved:
>
> pwm: Fix out-of-bounds access in of_pwm_single_xlate()
>
> With args->args_count == 2 args->args[2] is not defined. Actually the
> flags are contained in args->args[1].
>
> [Fix]
>
> Mantic: Clean cherry-pick.
>
> [Test Case]
>
> Compile and boot tested.
>
> [Where problems could occur]
>
> Likelihood of regression is low and would only affect those
> using PWM interface.
>
> Uwe Kleine-König (1):
>    pwm: Fix out-of-bounds access in of_pwm_single_xlate()
>
>   drivers/pwm/core.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
>
Applied to mantic master-next branch. Thanks!