ACK: [SRU][F][PATCH 0/1] CVE-2023-52488
Manuel Diewald
manuel.diewald at canonical.com
Mon Oct 21 18:09:20 UTC 2024
On Mon, Oct 21, 2024 at 12:02:37PM -0500, Jacob Martin wrote:
> [Impact]
>
> The sc16is7xx driver uses regmap_raw_read and regmap_raw_write to access the
> IC's FIFOs in a burst mode that doesn't increment the register address for each
> byte. The functions regmap_raw_read and regmap_raw_write assume that the
> register's address *is* incremented, update the regmap cache accordingly, and
> thus would end up corrupting it. The driver works around this by disabling the
> regmap cache while calling these functions. Fully resolve the issue by using
> the regmap_noinc_read and regmap_noinc_write functions, which correctly assume
> the register's address *is not* incremented.
>
> [Fix]
>
> Noble: Not affected
> Jammy: Fix released
> Focal: Backport from linux-5.10.y stable branch, context adjustments
> Bionic: Patchset sent to ESM list
> Xenial: Patchset sent to ESM list
> Trusty: Not affected
>
> [Test Case]
>
> Compile tested.
>
> [Where problems could occur]
>
> This change modifies the FIFO read/write behavior of the sc16is7xx driver.
> Issues with the fix would cause TTY serial connections utilizing the driver to
> misbehave.
>
> Hugo Villeneuve (1):
> serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for
> FIFO
>
> drivers/tty/serial/sc16is7xx.c | 15 +++++++++------
> 1 file changed, 9 insertions(+), 6 deletions(-)
>
> --
> 2.43.0
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
Acked-by: Manuel Diewald <manuel.diewald at canonical.com>
--
Manuel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20241021/02d05030/attachment-0001.sig>
More information about the kernel-team
mailing list