[PATCH 5.10.y 0/1] Backport fix for CVE-2024-49935

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This patch addresses CVE-2024-49935 [1], a vulnerability in ACPI
subsystem caused by calling cpumask_clear_cpu() with bit to
clear set to 0xffffffff, thus leading to erroneous memory
access. The issue is still present in 5.10.y kernel.

The original commit [2] has been backported to several stable
branches (5.15.y and fresher) and now has been cherry-picked for
5.10.y.

[1] https://nvd.nist.gov/vuln/detail/CVE-2024-49935
[2] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=0a2ed70a549e61c5181bad5db418d223b68ae932

Seiji Nishikawa (1):
  ACPI: PAD: fix crash in exit_round_robin()

 drivers/acpi/acpi_pad.c | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

-- 
2.25.1





[Index of Archives]     [Linux IBM ACPI]     [Linux Power Management]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]     [Linux Resources]
  Powered by Linux