| Message ID | 20240910112550.1144379-1-koichiro.den@canonical.com |
|---|---|
| Headers | show |
| Series | CVE-2024-27051 | expand |
Acked-by: Mehmet Basaran <mehmet.basaran@canonical.com> Koichiro Den <koichiro.den@canonical.com> writes: > [Impact] > > cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value > > cpufreq_cpu_get may return NULL. To avoid NULL-dereference check it > and return 0 in case of error. > > Found by Linux Verification Center (linuxtesting.org) with SVACE. > > [Backport] > > The primary fix commit had a compile-time warning issue, which on > upstream was fixed by later commit fa7bd98f3c8b ("cpufreq: > brcmstb-avs-cpufreq: ISO C90 forbids mixed declarations"). > Both of them are backported with context adjustments. > > [Fix] > > Noble: not affected > Jammy: fixed via stable > Focal: Backport - cleanly applied with one follow-up fix, see [Backport] > Bionic: fix sent to esm ML > Xenial: not affected > Trusty: not affected > > [Test Case] > > Compile and boot tested > > [Where problems could occur] > > This fix affects Broadcom STB SoCs that use AVS firmware with DFS and > DVFS support, an issue with this fix potentially would be visible to > user via a system crash due to null pointer dereference. > > [Notes] > > v2: > - Fix commit messages and cover letter (cherry-picked -> backported) > > > Anastasia Belova (1): > cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return > value > > Portia Stephens (1): > cpufreq: brcmstb-avs-cpufreq: ISO C90 forbids mixed declarations > > drivers/cpufreq/brcmstb-avs-cpufreq.c | 7 ++++++- > 1 file changed, 6 insertions(+), 1 deletion(-) > > -- > 2.43.0 > > > -- > kernel-team mailing list > kernel-team@lists.ubuntu.com > https://lists.ubuntu.com/mailman/listinfo/kernel-team
On 24/09/10 08:25pm, Koichiro Den wrote: > [Impact] > > cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value > > cpufreq_cpu_get may return NULL. To avoid NULL-dereference check it > and return 0 in case of error. > > Found by Linux Verification Center (linuxtesting.org) with SVACE. > > [Backport] > > The primary fix commit had a compile-time warning issue, which on > upstream was fixed by later commit fa7bd98f3c8b ("cpufreq: > brcmstb-avs-cpufreq: ISO C90 forbids mixed declarations"). > Both of them are backported with context adjustments. > > [Fix] > > Noble: not affected > Jammy: fixed via stable > Focal: Backport - cleanly applied with one follow-up fix, see [Backport] > Bionic: fix sent to esm ML > Xenial: not affected > Trusty: not affected > > [Test Case] > > Compile and boot tested > > [Where problems could occur] > > This fix affects Broadcom STB SoCs that use AVS firmware with DFS and > DVFS support, an issue with this fix potentially would be visible to > user via a system crash due to null pointer dereference. > > [Notes] > > v2: > - Fix commit messages and cover letter (cherry-picked -> backported) > > > Anastasia Belova (1): > cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return > value > > Portia Stephens (1): > cpufreq: brcmstb-avs-cpufreq: ISO C90 forbids mixed declarations Acked-by: Andrei Gherzan <andrei.gherzan@canonical.com>
On 10.09.24 13:25, Koichiro Den wrote: > [Impact] > > cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value > > cpufreq_cpu_get may return NULL. To avoid NULL-dereference check it > and return 0 in case of error. > > Found by Linux Verification Center (linuxtesting.org) with SVACE. > > [Backport] > > The primary fix commit had a compile-time warning issue, which on > upstream was fixed by later commit fa7bd98f3c8b ("cpufreq: > brcmstb-avs-cpufreq: ISO C90 forbids mixed declarations"). > Both of them are backported with context adjustments. > > [Fix] > > Noble: not affected > Jammy: fixed via stable > Focal: Backport - cleanly applied with one follow-up fix, see [Backport] > Bionic: fix sent to esm ML > Xenial: not affected > Trusty: not affected > > [Test Case] > > Compile and boot tested > > [Where problems could occur] > > This fix affects Broadcom STB SoCs that use AVS firmware with DFS and > DVFS support, an issue with this fix potentially would be visible to > user via a system crash due to null pointer dereference. > > [Notes] > > v2: > - Fix commit messages and cover letter (cherry-picked -> backported) > > > Anastasia Belova (1): > cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return > value > > Portia Stephens (1): > cpufreq: brcmstb-avs-cpufreq: ISO C90 forbids mixed declarations > > drivers/cpufreq/brcmstb-avs-cpufreq.c | 7 ++++++- > 1 file changed, 6 insertions(+), 1 deletion(-) > Applied to focal:linux/master-next. Thanks. -Stefan
[Impact] cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value cpufreq_cpu_get may return NULL. To avoid NULL-dereference check it and return 0 in case of error. Found by Linux Verification Center (linuxtesting.org) with SVACE. [Backport] The primary fix commit had a compile-time warning issue, which on upstream was fixed by later commit fa7bd98f3c8b ("cpufreq: brcmstb-avs-cpufreq: ISO C90 forbids mixed declarations"). Both of them are backported with context adjustments. [Fix] Noble: not affected Jammy: fixed via stable Focal: Backport - cleanly applied with one follow-up fix, see [Backport] Bionic: fix sent to esm ML Xenial: not affected Trusty: not affected [Test Case] Compile and boot tested [Where problems could occur] This fix affects Broadcom STB SoCs that use AVS firmware with DFS and DVFS support, an issue with this fix potentially would be visible to user via a system crash due to null pointer dereference. [Notes] v2: - Fix commit messages and cover letter (cherry-picked -> backported) Anastasia Belova (1): cpufreq: brcmstb-avs-cpufreq: add check for cpufreq_cpu_get's return value Portia Stephens (1): cpufreq: brcmstb-avs-cpufreq: ISO C90 forbids mixed declarations drivers/cpufreq/brcmstb-avs-cpufreq.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-)