| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025010807-CVE-2024-56781-7b75@gregkh>
Date: Wed, 8 Jan 2025 18:52:07 +0100
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: linux-cve-announce@...r.kernel.org
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Subject: CVE-2024-56781: powerpc/prom_init: Fixup missing powermac #size-cells
Description
===========
In the Linux kernel, the following vulnerability has been resolved:
powerpc/prom_init: Fixup missing powermac #size-cells
On some powermacs `escc` nodes are missing `#size-cells` properties,
which is deprecated and now triggers a warning at boot since commit
045b14ca5c36 ("of: WARN on deprecated #address-cells/#size-cells
handling").
For example:
Missing '#size-cells' in /pci@...00000/mac-io@...scc@...00
WARNING: CPU: 0 PID: 0 at drivers/of/base.c:133 of_bus_n_size_cells+0x98/0x108
Hardware name: PowerMac3,1 7400 0xc0209 PowerMac
...
Call Trace:
of_bus_n_size_cells+0x98/0x108 (unreliable)
of_bus_default_count_cells+0x40/0x60
__of_get_address+0xc8/0x21c
__of_address_to_resource+0x5c/0x228
pmz_init_port+0x5c/0x2ec
pmz_probe.isra.0+0x144/0x1e4
pmz_console_init+0x10/0x48
console_init+0xcc/0x138
start_kernel+0x5c4/0x694
As powermacs boot via prom_init it's possible to add the missing
properties to the device tree during boot, avoiding the warning. Note
that `escc-legacy` nodes are also missing `#size-cells` properties, but
they are skipped by the macio driver, so leave them alone.
Depends-on: 045b14ca5c36 ("of: WARN on deprecated #address-cells/#size-cells handling")
The Linux kernel CVE team has assigned CVE-2024-56781 to this issue.
Affected and fixed versions
===========================
Fixed in 5.4.287 with commit 0b94d838018fb0a824e0cd3149034928c99fb1b7
Fixed in 5.10.231 with commit a79a7e3c03ae2a07f68b5f24d5ed549f9799ec89
Fixed in 5.15.174 with commit ee68554d2c03e32077f7b984e5289fdb005036d2
Fixed in 6.1.120 with commit 6d5f0453a2228607333bff0c85238a3cb495d194
Fixed in 6.6.66 with commit 691284c2cd33ffaa0b35ce53b3286b90621e9dc9
Fixed in 6.12.5 with commit 296a109fa77110ba5267fe0e90a26005eecc2726
Fixed in 6.13-rc1 with commit cf89c9434af122f28a3552e6f9cc5158c33ce50a
Please see https://www.kernel.org for a full list of currently supported
kernel versions by the kernel community.
Unaffected versions might change over time as fixes are backported to
older supported kernel versions. The official CVE entry at
https://cve.org/CVERecord/?id=CVE-2024-56781
will be updated if fixes are backported, please check that for the most
up to date information about this issue.
Affected files
==============
The file(s) affected by this issue are:
arch/powerpc/kernel/prom_init.c
Mitigation
==========
The Linux kernel CVE team recommends that you update to the latest
stable kernel version for this, and many other bugfixes. Individual
changes are never tested alone, but rather are part of a larger kernel
release. Cherry-picking individual commits is not recommended or
supported by the Linux kernel community at all. If however, updating to
the latest release is impossible, the individual changes to resolve this
issue can be found at these commits:
https://git.kernel.org/stable/c/0b94d838018fb0a824e0cd3149034928c99fb1b7
https://git.kernel.org/stable/c/a79a7e3c03ae2a07f68b5f24d5ed549f9799ec89
https://git.kernel.org/stable/c/ee68554d2c03e32077f7b984e5289fdb005036d2
https://git.kernel.org/stable/c/6d5f0453a2228607333bff0c85238a3cb495d194
https://git.kernel.org/stable/c/691284c2cd33ffaa0b35ce53b3286b90621e9dc9
https://git.kernel.org/stable/c/296a109fa77110ba5267fe0e90a26005eecc2726
https://git.kernel.org/stable/c/cf89c9434af122f28a3552e6f9cc5158c33ce50a
Powered by blists - more mailing lists