| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 1 May 2024 15:06:46 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org> Subject: CVE-2024-27075: media: dvb-frontends: avoid stack overflow warnings with clang Description =========== In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: avoid stack overflow warnings with clang A previous patch worked around a KASAN issue in stv0367, now a similar problem showed up with clang: drivers/media/dvb-frontends/stv0367.c:1222:12: error: stack frame size (3624) exceeds limit (2048) in 'stv0367ter_set_frontend' [-Werror,-Wframe-larger-than] 1214 | static int stv0367ter_set_frontend(struct dvb_frontend *fe) Rework the stv0367_writereg() function to be simpler and mark both register access functions as noinline_for_stack so the temporary i2c_msg structures do not get duplicated on the stack when KASAN_STACK is enabled. The Linux kernel CVE team has assigned CVE-2024-27075 to this issue. Affected and fixed versions =========================== Issue introduced in 4.16 with commit 3cd890dbe2a4 and fixed in 4.19.311 with commit c073c8cede5a Issue introduced in 4.16 with commit 3cd890dbe2a4 and fixed in 5.4.273 with commit fa8b472952ef Issue introduced in 4.16 with commit 3cd890dbe2a4 and fixed in 5.10.214 with commit fb07104a02e8 Issue introduced in 4.16 with commit 3cd890dbe2a4 and fixed in 5.15.153 with commit d20b64f156de Issue introduced in 4.16 with commit 3cd890dbe2a4 and fixed in 6.1.83 with commit 107052a8cfef Issue introduced in 4.16 with commit 3cd890dbe2a4 and fixed in 6.6.23 with commit 8fad9c5bb00d Issue introduced in 4.16 with commit 3cd890dbe2a4 and fixed in 6.7.11 with commit d6b4895197ab Issue introduced in 4.16 with commit 3cd890dbe2a4 and fixed in 6.8.2 with commit ed514ecf4f29 Issue introduced in 4.16 with commit 3cd890dbe2a4 and fixed in 6.9-rc1 with commit 7a4cf27d1f05 Issue introduced in 4.4.168 with commit dc4bc70259da Issue introduced in 4.9.82 with commit d1d85ae79d5e Issue introduced in 4.14.20 with commit ad91b2e392be Issue introduced in 4.15.4 with commit ec1eeaf5b6c1 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2024-27075 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/media/dvb-frontends/stv0367.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/c073c8cede5abd3836e83d70d72606d11d0759d4 https://git.kernel.org/stable/c/fa8b472952ef46eb632825051078c21ce0cafe55 https://git.kernel.org/stable/c/fb07104a02e87c06c39914d13ed67fd8f839ca82 https://git.kernel.org/stable/c/d20b64f156de5d10410963fe238d82a4e7e97a2f https://git.kernel.org/stable/c/107052a8cfeff3a97326277192b4f052e4860a8a https://git.kernel.org/stable/c/8fad9c5bb00d3a9508d18bbfe832e33a47377730 https://git.kernel.org/stable/c/d6b4895197ab5a47cb81c6852d49320b05052960 https://git.kernel.org/stable/c/ed514ecf4f29c80a2f09ae3c877059b401efe893 https://git.kernel.org/stable/c/7a4cf27d1f0538f779bf31b8c99eda394e277119
Powered by blists - more mailing lists