[SRU][OEM-5.14/OEM-5.17][PATCH 0/1] CVE-2022-36280
Yuxuan Luo
yuxuan.luo at canonical.com
Thu Mar 9 18:32:32 UTC 2023
[Impact]
A potential out-of-bound write vulnerability was found at drm/vmwgfx. Since the
dimension parameter is not sanity checked, it is possible to overflow the
memcpy, leading to crashes.
[Backport]
It is a clean cherry pick.
[Test]
Compile and smoke tested by modprobe the vmwgfx mod.
[Potential Regression]
Expecting low risk as the commit only add two condition check.
Zack Rusin (1):
drm/vmwgfx: Validate the box size for the snooped cursor
drivers/gpu/drm/vmwgfx/vmwgfx_kms.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
--
2.34.1
More information about the kernel-team
mailing list