Message-ID: <2024122926-CVE-2024-56745-b06b@gregkh>
Date: Sun, 29 Dec 2024 12:29:38 +0100
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: linux-cve-announce@...r.kernel.org
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Subject: CVE-2024-56745: PCI: Fix reset_method_store() memory leak

Description
===========

In the Linux kernel, the following vulnerability has been resolved:

PCI: Fix reset_method_store() memory leak

In reset_method_store(), a string is allocated via kstrndup() and assigned
to the local "options". options is then used with strsep() to find
spaces:

  while ((name = strsep(&options, " ")) != NULL) {

If there are no remaining spaces, then options is set to NULL by strsep(),
so the subsequent kfree(options) doesn't free the memory allocated via
kstrndup().

Fix by using a separate tmp_options to iterate with strsep() so options is
preserved.

The Linux kernel CVE team has assigned CVE-2024-56745 to this issue.


Affected and fixed versions
===========================

	Issue introduced in 5.15 with commit d88f521da3efd698e36d0d504a2abba6ac4f5ef8 and fixed in 5.15.174 with commit 403efb4457c0c8f8f51e904cc57d39193780c6bd
	Issue introduced in 5.15 with commit d88f521da3efd698e36d0d504a2abba6ac4f5ef8 and fixed in 6.1.120 with commit 931d07ccffcc3614f20aaf602b31e89754e21c59
	Issue introduced in 5.15 with commit d88f521da3efd698e36d0d504a2abba6ac4f5ef8 and fixed in 6.6.64 with commit 8e098baf6bc3f3a6aefc383509aba07e202f7ee0
	Issue introduced in 5.15 with commit d88f521da3efd698e36d0d504a2abba6ac4f5ef8 and fixed in 6.11.11 with commit 543d0eb40e45c6a51f1bff02f417b602e54472d5
	Issue introduced in 5.15 with commit d88f521da3efd698e36d0d504a2abba6ac4f5ef8 and fixed in 6.12.2 with commit fe6fae61f3b993160aef5fe2b7141a83872c144f
	Issue introduced in 5.15 with commit d88f521da3efd698e36d0d504a2abba6ac4f5ef8 and fixed in 6.13-rc1 with commit 2985b1844f3f3447f2d938eff1ef6762592065a5

Please see https://www.kernel.org for a full list of currently supported
kernel versions by the kernel community.

Unaffected versions might change over time as fixes are backported to
older supported kernel versions.  The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2024-56745
will be updated if fixes are backported, please check that for the most
up to date information about this issue.


Affected files
==============

The file(s) affected by this issue are:
	drivers/pci/pci.c


Mitigation
==========

The Linux kernel CVE team recommends that you update to the latest
stable kernel version for this, and many other bugfixes.  Individual
changes are never tested alone, but rather are part of a larger kernel
release.  Cherry-picking individual commits is not recommended or
supported by the Linux kernel community at all.  If however, updating to
the latest release is impossible, the individual changes to resolve this
issue can be found at these commits:
	https://git.kernel.org/stable/c/403efb4457c0c8f8f51e904cc57d39193780c6bd
	https://git.kernel.org/stable/c/931d07ccffcc3614f20aaf602b31e89754e21c59
	https://git.kernel.org/stable/c/8e098baf6bc3f3a6aefc383509aba07e202f7ee0
	https://git.kernel.org/stable/c/543d0eb40e45c6a51f1bff02f417b602e54472d5
	https://git.kernel.org/stable/c/fe6fae61f3b993160aef5fe2b7141a83872c144f
	https://git.kernel.org/stable/c/2985b1844f3f3447f2d938eff1ef6762592065a5
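
The pointer behaviour described above, reproduced in userspace C as an added example (not the kernel's code and not part of the original message). malloc()/free() stand in for kstrndup()/kfree(); dup_n, parse_before_fix, parse_after_fix, alloc and the sample input are hypothetical names constructed for the illustration.

```c
#define _DEFAULT_SOURCE                 /* expose strsep() on glibc */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
char *strsep(char **stringp, const char *delim); /* in case strict ISO mode hides it */

/* Userspace stand-in for kstrndup(): NUL-terminated copy of the first n bytes. */
static char *dup_n(const char *s, size_t n)
{
    char *p = malloc(n + 1);
    if (p) { memcpy(p, s, n); p[n] = '\0'; }
    return p;
}

/* Pre-fix pattern: strsep() advances the owning pointer. Returns 1 if the
 * pointer handed to free() is still the allocation, 0 if it is not. */
int parse_before_fix(const char *buf, size_t count, int *names)
{
    char *options = dup_n(buf, count), *alloc = options, *name;
    if (!options) return -1;
    *names = 0;
    while ((name = strsep(&options, " ")) != NULL)
        if (*name) (*names)++;
    int freed = (options == alloc);     /* options is NULL once the loop ends */
    free(options);                      /* no-op, like kfree(NULL) */
    free(alloc);                        /* demo-only cleanup through the saved copy */
    return freed;
}

/* Fixed pattern: iterate with tmp_options so options still owns the buffer. */
int parse_after_fix(const char *buf, size_t count, int *names)
{
    char *options = dup_n(buf, count), *alloc = options, *tmp_options = options, *name;
    if (!options) return -1;
    *names = 0;
    while ((name = strsep(&tmp_options, " ")) != NULL)
        if (*name) (*names)++;
    int freed = (options == alloc);     /* unchanged by the loop */
    free(options);
    return freed;
}

int main(void)
{
    const char *buf = "flr bus";        /* constructed sample input */
    int n, before = parse_before_fix(buf, strlen(buf), &n);
    int after = parse_after_fix(buf, strlen(buf), &n);
    printf("names=%d freed before fix=%d, after fix=%d\n", n, before, after);
    return 0;
}
```

Running the pre-fix pattern under a leak checker without the demo-only free(alloc) line reports the lost allocation on every call, which is how this class of bug is usually confirmed.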
