| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2024111949-CVE-2024-50287-bf9b@gregkh> Date: Tue, 19 Nov 2024 02:32:42 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org> Subject: CVE-2024-50287: media: v4l2-tpg: prevent the risk of a division by zero Description =========== In the Linux kernel, the following vulnerability has been resolved: media: v4l2-tpg: prevent the risk of a division by zero As reported by Coverity, the logic at tpg_precalculate_line() blindly rescales the buffer even when scaled_witdh is equal to zero. If this ever happens, this will cause a division by zero. Instead, add a WARN_ON_ONCE() to trigger such cases and return without doing any precalculation. The Linux kernel CVE team has assigned CVE-2024-50287 to this issue. Affected and fixed versions =========================== Issue introduced in 3.18 with commit 63881df94d3e and fixed in 4.19.324 with commit e3c36d0bde30 Issue introduced in 3.18 with commit 63881df94d3e and fixed in 5.4.286 with commit 0bfc6e38ee22 Issue introduced in 3.18 with commit 63881df94d3e and fixed in 5.10.230 with commit 054931ca3cfc Issue introduced in 3.18 with commit 63881df94d3e and fixed in 5.15.172 with commit a749c15dccc5 Issue introduced in 3.18 with commit 63881df94d3e and fixed in 6.1.117 with commit c63c30c9d9f2 Issue introduced in 3.18 with commit 63881df94d3e and fixed in 6.6.61 with commit 2d0f01aa602f Issue introduced in 3.18 with commit 63881df94d3e and fixed in 6.11.8 with commit 0cdb42ba0b28 Issue introduced in 3.18 with commit 63881df94d3e and fixed in 6.12 with commit e6a3ea83fbe1 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2024-50287 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/media/common/v4l2-tpg/v4l2-tpg-core.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/e3c36d0bde309f690ed1f9cd5f7e63b3a513f94a https://git.kernel.org/stable/c/0bfc6e38ee2250f0503d96f1a1de441c31d88715 https://git.kernel.org/stable/c/054931ca3cfcb8e8fa036e887d6f379942b02565 https://git.kernel.org/stable/c/a749c15dccc58d9cbad9cd23bd8ab4b5fa96cf47 https://git.kernel.org/stable/c/c63c30c9d9f2c8de34b16cd2b8400240533b914e https://git.kernel.org/stable/c/2d0f01aa602fd15a805771bdf3f4d9a9b4df7f47 https://git.kernel.org/stable/c/0cdb42ba0b28f548c1a4e86bb8489dba0d78fc21 https://git.kernel.org/stable/c/e6a3ea83fbe15d4818d01804e904cbb0e64e543b
Powered by blists - more mailing lists