Message-ID: <2024041004-CVE-2021-47210-1d37@gregkh>
Date: Wed, 10 Apr 2024 21:02:03 +0200
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: linux-cve-announce@...r.kernel.org
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Subject: CVE-2021-47210: usb: typec: tipd: Remove WARN_ON in tps6598x_block_read

Description
===========

In the Linux kernel, the following vulnerability has been resolved:

usb: typec: tipd: Remove WARN_ON in tps6598x_block_read

Calling tps6598x_block_read with a higher than allowed len can be
handled by just returning an error. There's no need to crash systems
with panic-on-warn enabled.

The Linux kernel CVE team has assigned CVE-2021-47210 to this issue.

Affected and fixed versions
===========================

Fixed in 4.19.218 with commit 2a897d384513
Fixed in 5.4.162 with commit 30dcfcda8992
Fixed in 5.10.82 with commit eff8b7628410
Fixed in 5.15.5 with commit 2c71811c963b
Fixed in 5.16 with commit b7a0a63f3fed

Please see https://www.kernel.org for a full list of currently supported
kernel versions by the kernel community.

Unaffected versions might change over time as fixes are backported to
older supported kernel versions. The official CVE entry at
https://cve.org/CVERecord/?id=CVE-2021-47210
will be updated if fixes are backported, please check that for the most
up to date information about this issue.

Affected files
==============

The file(s) affected by this issue are:
drivers/usb/typec/tipd/core.c

Mitigation
==========

The Linux kernel CVE team recommends that you update to the latest
stable kernel version for this, and many other bugfixes. Individual
changes are never tested alone, but rather are part of a larger kernel
release. Cherry-picking individual commits is not recommended or
supported by the Linux kernel community at all. If however, updating to
the latest release is impossible, the individual changes to resolve this
issue can be found at these commits:

https://git.kernel.org/stable/c/2a897d384513ba7f7ef05611338b9a6ec6aeac00
https://git.kernel.org/stable/c/30dcfcda8992dc42f18e7d35b6a1fa72372d382d
https://git.kernel.org/stable/c/eff8b7628410cb2eb562ca0d5d1f12e27063733e
https://git.kernel.org/stable/c/2c71811c963b6c310a29455d521d31a7ea6c5b5e
https://git.kernel.org/stable/c/b7a0a63f3fed57d413bb857de164ea9c3984bc4e
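
The fixed-version list above can be turned into a host triage check. The script below is an added example, not part of the announcement or of the kernel project: it classifies an upstream-style version string against the listed fixed releases and reports whether panic_on_warn is set. The function names and the "fixed" / "not-fixed" / "unlisted" labels are assumptions of this example, and distribution kernels that backport fixes without changing the upstream version number will be misclassified.

```shell
#!/bin/sh
# Added example: triage a host against the fixed releases listed above
# for CVE-2021-47210. Assumes upstream version numbering.

# Prints "fixed", "not-fixed", or "unlisted" (branch not in the list).
cve_2021_47210_status() {
    ver=${1%%[-+]*}                  # drop local suffix, e.g. "-generic"
    case $ver in *.*) ;; *) echo unlisted; return ;; esac
    major=${ver%%.*}
    rest=${ver#*.}
    minor=${rest%%.*}
    case $rest in
        *.*) patch=${rest#*.}; patch=${patch%%.*} ;;
        *)   patch=0 ;;
    esac
    for n in "$major" "$minor" "$patch"; do
        case $n in ''|*[!0-9]*) echo unlisted; return ;; esac
    done
    # 5.16 and every later mainline release carry the fix.
    if [ "$major" -gt 5 ] || { [ "$major" -eq 5 ] && [ "$minor" -ge 16 ]; }; then
        echo fixed; return
    fi
    case $major.$minor in
        4.19) fixed_at=218 ;;
        5.4)  fixed_at=162 ;;
        5.10) fixed_at=82 ;;
        5.15) fixed_at=5 ;;
        *)    echo unlisted; return ;;   # no fixed release listed for this branch
    esac
    if [ "$patch" -ge "$fixed_at" ]; then echo fixed; else echo not-fixed; fi
}

# Returns 0 when panic_on_warn is set, the condition under which a WARN_ON
# crashes the system. The optional path argument exists for testing only.
panic_on_warn_enabled() {
    f=${1:-/proc/sys/kernel/panic_on_warn}
    [ -r "$f" ] && [ "$(cat "$f")" = 1 ]
}

echo "running kernel: $(cve_2021_47210_status "$(uname -r)")"
if panic_on_warn_enabled; then echo "panic_on_warn: set"; else echo "panic_on_warn: not set"; fi
```

A "not-fixed" result only means the upstream release on that branch predates the fix; whether the host is exposed also depends on the tipd driver being built and in use.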