[SRU][N][PATCH 0/1] CVE-2024-42159
Massimiliano Pellizzer
massimiliano.pellizzer at canonical.com
Wed Aug 21 15:18:55 UTC 2024
[Impact]
scsi: mpi3mr: Sanitise num_phys
Information is stored in mr_sas_port->phy_mask, values larger then size of
this field shouldn't be allowed.
[Fix]
Noble: Cherry picked cleanly from linux-6.9.y
Jammy: Not affected
Focal: Not affected
Bionic: Not affected
Xenial: Not affected
[Test Case]
Compile and boot tested.
[Where problems could occur]
The fix affects the mpi3mr SCSI driver. An issue with this fix would
cause failures in RAID controller initialization or communication,
potentially leading to storage device detection problems or I/O errors
during data transfer.
Tomas Henzl (1):
scsi: mpi3mr: Sanitise num_phys
drivers/scsi/mpi3mr/mpi3mr_transport.c | 10 ++++++++++
1 file changed, 10 insertions(+)
--
2.43.0
More information about the kernel-team
mailing list