From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id B771214C596 for ; Thu, 29 Feb 2024 15:53:24 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=10.30.226.201 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709222004; cv=none; b=oob/pK9wUrXde040JFkfLyOcWwHtz4jhdUZr/WwCLI8KsCOha3JTeV6bz7KSqhoeVKejDrB2SUDffRYvICr79pdfd5F1REWXzIY6xSgOoSsiGfM3iBt3AubnKIYo29M7qunfEmcKmi/ErUfNmlRhuSIISz+vq1slv6HClpNA+4o= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1709222004; c=relaxed/simple; bh=mV2ZgBjuVKDEOXc/r95EuVgTVvTvFr1S8fSouRmE8BE=; h=From:To:Cc:Subject:Date:Message-ID:MIME-Version; b=Xr1dH2heDMnWZywFv0ttIcnSqpmm7cYw2w9SwxG6UYusaNQaap0vkngZtxkwvzBK7n/t0KIoqtqcznP75EJ94tol/6/rZ+wEMMaG8oXz2/BzP22uiyizEDMIQ7YsXByJkPxuEyBQKV0HnNMhXembo/xGdGtIc3wZOrfLTERedmU= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b=kPlKlMKL; arc=none smtp.client-ip=10.30.226.201 Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=kernel.org header.i=@kernel.org header.b="kPlKlMKL" Received: by smtp.kernel.org (Postfix) with ESMTPSA id 90615C43390; Thu, 29 Feb 2024 15:53:23 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1709222004; bh=mV2ZgBjuVKDEOXc/r95EuVgTVvTvFr1S8fSouRmE8BE=; h=From:To:Cc:Subject:Date:Reply-to:From; b=kPlKlMKLKPIJwgpXBxfYQkshDRfrArOGd7Sp63NEtRJbwPXiy/JuBPFZjg8P1ySl2 7jKfSLdI6SdBPlYAQK15OfWP4Q1MFZee9HMJ/uZcGptKlVUVpNbD/rcpZd8whT+9Ir clEhertjBvtaptgAIqWilgVTd4y0pwaF/Je5dQ8Zq6beC8FLhpZEoCH9UbVYcN40mv uCUns1HrPfNPRaST8xsOozFAc3VPhA8WGzP3k6TjI9DqNRwZS8HfYRPmCvaMhcBNpR NnlEJdT24woRr/qAZFdUYg+iGVZswhOcVJqh4nuNnPyc/5Yac0UM2E5WFfbApA2cGx BtzJCfX8MjvnQ== From: Lee Jones To: linux-cve-announce@vger.kernel.org Cc: Lee Jones Subject: CVE-2023-52495: soc: qcom: pmic_glink_altmode: fix port sanity check Date: Thu, 29 Feb 2024 15:52:55 +0000 Message-ID: <20240229155245.1571576-36-lee@kernel.org> X-Mailer: git-send-email 2.44.0.rc1.240.g4c46232300-goog Precedence: bulk X-Mailing-List: linux-cve-announce@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Reply-to: , X-Developer-Signature: v=1; a=openpgp-sha256; l=2075; i=lee@kernel.org; h=from:subject; bh=mV2ZgBjuVKDEOXc/r95EuVgTVvTvFr1S8fSouRmE8BE=; b=owEBbQKS/ZANAwAKAVGvii+H/HdhAcsmYgBl4KhOaWk/l6sSky2XfFTszcdW0tWSseXQJb4bB EjqiWI6b1+JAjMEAAEKAB0WIQR2tsk1o74gmpTwh0hRr4ovh/x3YQUCZeCoTgAKCRBRr4ovh/x3 YRzFD/9mt3BE7Ti6vqxi54SAilvRi+EL3g/b/o0iSis8eyILkXNEcp+5TagBDmc53+mfJ/xBF8v IUwsfZ+JyUb6JUOXEQi3EJMIQm25OsQk8hid1UUJ37BfWOUO0MKQjAmAF+VXlpiwdwLskX/eCFG 2kjZ7NkMsBoo67VSs3YrP7kLVTjgZw6g4JdIu6J6LQMQs6lr93dT4TJ1swIXtRA3V9mwQfc5bt2 fn/ztyyO+/QmMqtO6zJj+4IzNyEytxZIhXt/uv5qAvOe2cPDRrfLWwQAoxkfp42JUPsIGj9tdhb m9ElzZZTcRuAF3X1Cidw701KlmKH54f3w5AnWKpU9eClKcVbF6efQUjONHI9NwGXT+GfneDcvcG xTtovxLXkm5zvoOuo3dsrWDQYlZIfaFwHUTyamykdXleBaAWvAJU0vBTdLCn/vQ89msUZx2bDlN SMi2mG4KGIusuOClQMtlJ9kQQElYBZD60Baj5C31+goLnkdt9kdrLvdOkJWOry1ypqgwml8PgE/ 5++BbWGNw8mmwIIlllPASSm6+rCeXTUiKHERTXG5oWg+0tk80Vsp7/WXjZkW1mNO5pklxthCAqg RekCedF/MxFBilnGpGyR6KIqeyVTH7xiZNTCAU0lsv1quLbJhVKjOPZptGSGy574d/VgcTEYdPJ 5gOpOVUd3OZF0cw== X-Developer-Key: i=lee@kernel.org; a=openpgp; fpr=76B6C935A3BE209A94F0874851AF8A2F87FC7761 Content-Transfer-Encoding: 8bit Description =========== In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pmic_glink_altmode: fix port sanity check The PMIC GLINK altmode driver currently supports at most two ports. Fix the incomplete port sanity check on notifications to avoid accessing and corrupting memory beyond the port array if we ever get a notification for an unsupported port. The Linux kernel CVE team has assigned CVE-2023-52495 to this issue. Affected and fixed versions =========================== Issue introduced in 6.3 with commit 080b4e24852b and fixed in 6.6.15 with commit 532a5557da68 Issue introduced in 6.3 with commit 080b4e24852b and fixed in 6.7.3 with commit d26edf4ee367 Issue introduced in 6.3 with commit 080b4e24852b and fixed in 6.8-rc1 with commit c4fb7d2eac9f Please see https://www.kernel.org or a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2023-52495 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/soc/qcom/pmic_glink_altmode.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/532a5557da6892a6b2d5793052e1bce1f4c9e177 https://git.kernel.org/stable/c/d26edf4ee3672cc9828f2a3ffae34086a712574d https://git.kernel.org/stable/c/c4fb7d2eac9ff9bfc35a2e4d40c7169a332416e0