lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <2024111949-CVE-2024-50287-bf9b@gregkh>
Date: Tue, 19 Nov 2024 02:32:42 +0100
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: linux-cve-announce@...r.kernel.org
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Subject: CVE-2024-50287: media: v4l2-tpg: prevent the risk of a division by zero

Description
===========

In the Linux kernel, the following vulnerability has been resolved:

media: v4l2-tpg: prevent the risk of a division by zero

As reported by Coverity, the logic at tpg_precalculate_line()
blindly rescales the buffer even when scaled_witdh is equal to
zero. If this ever happens, this will cause a division by zero.

Instead, add a WARN_ON_ONCE() to trigger such cases and return
without doing any precalculation.

The Linux kernel CVE team has assigned CVE-2024-50287 to this issue.


Affected and fixed versions
===========================

	Issue introduced in 3.18 with commit 63881df94d3e and fixed in 4.19.324 with commit e3c36d0bde30
	Issue introduced in 3.18 with commit 63881df94d3e and fixed in 5.4.286 with commit 0bfc6e38ee22
	Issue introduced in 3.18 with commit 63881df94d3e and fixed in 5.10.230 with commit 054931ca3cfc
	Issue introduced in 3.18 with commit 63881df94d3e and fixed in 5.15.172 with commit a749c15dccc5
	Issue introduced in 3.18 with commit 63881df94d3e and fixed in 6.1.117 with commit c63c30c9d9f2
	Issue introduced in 3.18 with commit 63881df94d3e and fixed in 6.6.61 with commit 2d0f01aa602f
	Issue introduced in 3.18 with commit 63881df94d3e and fixed in 6.11.8 with commit 0cdb42ba0b28
	Issue introduced in 3.18 with commit 63881df94d3e and fixed in 6.12 with commit e6a3ea83fbe1

Please see https://www.kernel.org for a full list of currently supported
kernel versions by the kernel community.

Unaffected versions might change over time as fixes are backported to
older supported kernel versions.  The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2024-50287
will be updated if fixes are backported, please check that for the most
up to date information about this issue.


Affected files
==============

The file(s) affected by this issue are:
	drivers/media/common/v4l2-tpg/v4l2-tpg-core.c


Mitigation
==========

The Linux kernel CVE team recommends that you update to the latest
stable kernel version for this, and many other bugfixes.  Individual
changes are never tested alone, but rather are part of a larger kernel
release.  Cherry-picking individual commits is not recommended or
supported by the Linux kernel community at all.  If however, updating to
the latest release is impossible, the individual changes to resolve this
issue can be found at these commits:
	https://git.kernel.org/stable/c/e3c36d0bde309f690ed1f9cd5f7e63b3a513f94a
	https://git.kernel.org/stable/c/0bfc6e38ee2250f0503d96f1a1de441c31d88715
	https://git.kernel.org/stable/c/054931ca3cfcb8e8fa036e887d6f379942b02565
	https://git.kernel.org/stable/c/a749c15dccc58d9cbad9cd23bd8ab4b5fa96cf47
	https://git.kernel.org/stable/c/c63c30c9d9f2c8de34b16cd2b8400240533b914e
	https://git.kernel.org/stable/c/2d0f01aa602fd15a805771bdf3f4d9a9b4df7f47
	https://git.kernel.org/stable/c/0cdb42ba0b28f548c1a4e86bb8489dba0d78fc21
	https://git.kernel.org/stable/c/e6a3ea83fbe15d4818d01804e904cbb0e64e543b

Powered by blists - more mailing lists