[SRU][N][PATCH 0/1] CVE-2024-42301
Yuxuan Luo
yuxuan.luo at canonical.com
Mon Sep 30 21:39:22 UTC 2024
[Impact]
A potential array out-of-bound read is found in driver/parport subsytem
when users accessing its procfs file because of the insecure nature of
sprintf() function. This vulnerability might cause kernel panic and thus
leads to denial of service.
[Backport]
Clean cherry pick.
[Test]
Compile tested.
[Where problems might occur]
Parport procfs file might experience format inconsistency or unstable.
tuhaowen (1):
dev/parport: fix the array out-of-bounds risk
drivers/parport/procfs.c | 24 ++++++++++++------------
1 file changed, 12 insertions(+), 12 deletions(-)
--
2.43.0
More information about the kernel-team
mailing list