| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025010208-CVE-2022-49035-5a59@gregkh> Date: Thu, 2 Jan 2025 15:38:09 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org> Subject: CVE-2022-49035: media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE Description =========== In the Linux kernel, the following vulnerability has been resolved: media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE I expect that the hardware will have limited this to 16, but just in case it hasn't, check for this corner case. The Linux kernel CVE team has assigned CVE-2022-49035 to this issue. Affected and fixed versions =========================== Fixed in 4.9.333 with commit 7ccb40f26cbefa1c6dfd3418bea54c9518cdbd8a Fixed in 4.14.299 with commit fc0f76dd5f116fa9291327024dda392f8b4e849c Fixed in 4.19.265 with commit a2728bf9b6c65e46468c763e3dab7e04839d4e11 Fixed in 5.4.224 with commit 4a449430ecfb199b99ba58af63c467eb53500b39 Fixed in 5.10.154 with commit 1609231f86760c1f6a429de7913dd795b9faa08c Fixed in 5.15.78 with commit cbfa26936f318b16ccf9ca31b8e8b30c0dc087bd Fixed in 6.0.8 with commit 2654e785bd4aa2439cdffbe7dc1ea30a0eddbfe4 Fixed in 6.1 with commit 93f65ce036863893c164ca410938e0968964b26c Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2022-49035 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/media/cec/platform/s5p/s5p_cec.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/7ccb40f26cbefa1c6dfd3418bea54c9518cdbd8a https://git.kernel.org/stable/c/fc0f76dd5f116fa9291327024dda392f8b4e849c https://git.kernel.org/stable/c/a2728bf9b6c65e46468c763e3dab7e04839d4e11 https://git.kernel.org/stable/c/4a449430ecfb199b99ba58af63c467eb53500b39 https://git.kernel.org/stable/c/1609231f86760c1f6a429de7913dd795b9faa08c https://git.kernel.org/stable/c/cbfa26936f318b16ccf9ca31b8e8b30c0dc087bd https://git.kernel.org/stable/c/2654e785bd4aa2439cdffbe7dc1ea30a0eddbfe4 https://git.kernel.org/stable/c/93f65ce036863893c164ca410938e0968964b26c
Powered by blists - more mailing lists