[SRU][F][PATCH 0/1] CVE-2022-48655
Bethany Jamison
bethany.jamison at canonical.com
Mon Jun 24 22:35:47 UTC 2024
[Impact]
firmware: arm_scmi: Harden accesses to the reset domains
Accessing reset domains descriptors by the index upon the SCMI drivers
requests through the SCMI reset operations interface can potentially
lead to out-of-bound violations if the SCMI driver misbehave.
Add an internal consistency check before any such domains descriptors
accesses.
[Fix]
Noble: not affected
Jammy: released
Focal: Clean cherry-pick from linux-5.4.y
Bionic: not affected
Xenial: not affected
Trusty: not affected
[Test Case]
Compile and boot tested
[Where problems could occur]
This fix affects those who use the System Control and
Management Interface (SCMI) Reset Protocol, an issue with
this fix would be visible via unexpected system behavior
or a system crash.
Cristian Marussi (1):
firmware: arm_scmi: Harden accesses to the reset domains
drivers/firmware/arm_scmi/reset.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
--
2.34.1
More information about the kernel-team
mailing list