APPLIED: [SRU][M][PATCH 0/1] CVE-2024-25739
Roxana Nicolescu
roxana.nicolescu at canonical.com
Mon Jun 17 08:47:56 UTC 2024
On 07/06/2024 21:41, Bethany Jamison wrote:
> [Impact]
>
> ubi: Check for too small LEB size in VTBL code
>
> If the LEB size is smaller than a volume table record we cannot
> have volumes.
> In this case abort attaching.
>
> create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through
> 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing
> check for ubi->leb_size.
>
> [Fix]
>
> Noble: pending
> Mantic: Clean cherry-pick from linux-6.6.y
> Jammy: pending
> Focal: fixed via stable
> Bionic: fix sent to esm ML
> Xenial: fix sent to esm ML
> Trusty: not going to be fixed by us
>
> [Test Case]
>
> Compile and boot tested
>
> [Where problems could occur]
>
> This fix affects those who use the UBI volume table (vtbl);
> an issue with this fix would be visible to the user via a
> system crash.
>
> Richard Weinberger (1):
> ubi: Check for too small LEB size in VTBL code
>
> drivers/mtd/ubi/vtbl.c | 6 ++++++
> 1 file changed, 6 insertions(+)
>
Applied to mantic:linux master-next branch. Thanks!
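
The failure mode described in the quoted [Impact] section, as an added example: a userspace C model of the table sizing, not the kernel patch and not code from this thread. The two constants, the struct and the function names are assumptions made for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

/* Assumed stand-ins for the driver's constants; not taken from this thread. */
#define VTBL_RECORD_SIZE 172u /* bytes per volume table record (assumed) */
#define MAX_VOLUMES      128u /* cap on volume table slots (assumed) */

struct vtbl_layout {
    size_t slots; /* volume records that fit in one LEB */
    size_t size;  /* bytes requested for the in-memory table */
};

/* Round x up to a multiple of a (a must be non-zero). */
static size_t align_up(size_t x, size_t a) { return (x + a - 1) / a * a; }

/* Sizing without the check: a LEB smaller than one record gives
 * slots == 0 and size == 0, i.e. a zero-byte allocation request. */
static struct vtbl_layout vtbl_layout_unchecked(size_t leb_size, size_t min_io)
{
    struct vtbl_layout l;
    l.slots = leb_size / VTBL_RECORD_SIZE;
    if (l.slots > MAX_VOLUMES)
        l.slots = MAX_VOLUMES;
    l.size = align_up(l.slots * VTBL_RECORD_SIZE, min_io);
    return l;
}

/* Sizing with the check: refuse to attach when no record can fit. */
static int vtbl_layout_checked(size_t leb_size, size_t min_io,
                               struct vtbl_layout *out)
{
    if (min_io == 0 || leb_size < VTBL_RECORD_SIZE)
        return -EINVAL; /* LEB too small for a volume record */
    *out = vtbl_layout_unchecked(leb_size, min_io);
    return 0;
}

int main(void)
{
    /* Constructed geometries: one undersized LEB, one typical NAND LEB. */
    struct vtbl_layout bad = vtbl_layout_unchecked(128, 64), ok;
    printf("unchecked, leb=128: slots=%zu size=%zu\n", bad.slots, bad.size);
    printf("checked,   leb=128: rc=%d\n", vtbl_layout_checked(128, 64, &ok));
    if (vtbl_layout_checked(126976, 2048, &ok) == 0)
        printf("checked,   leb=126976: slots=%zu size=%zu\n", ok.slots, ok.size);
    return 0;
}
```
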