[SRU][OEM-6.1][F/J/L/M][PATCH 0/1] CVE-2023-31085

Yuxuan Luo yuxuan.luo at canonical.com
Thu Oct 26 15:35:07 UTC 2023


[Impact]
An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2.
There is a divide-by-zero error in do_div(sz,mtd->erasesize), used
indirectly by ctrl_cdev_ioctl, when mtd->erasesize is 0.

[Backport]
It is a clean cherry pick.

[Test]
Compile and boot tested.

[Potential Regression]
Expect very low regression potential that's limited to this specific
driver.


Zhihao Cheng (1):
  ubi: Refuse attaching if mtd's erasesize is 0

 drivers/mtd/ubi/build.c | 7 +++++++
 1 file changed, 7 insertions(+)

-- 
2.34.1




More information about the kernel-team mailing list