| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025022607-CVE-2022-49500-2b04@gregkh> Date: Wed, 26 Feb 2025 03:12:54 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org> Subject: CVE-2022-49500: wl1251: dynamically allocate memory used for DMA Description =========== In the Linux kernel, the following vulnerability has been resolved: wl1251: dynamically allocate memory used for DMA With introduction of vmap'ed stacks, stack parameters can no longer be used for DMA and now leads to kernel panic. It happens at several places for the wl1251 (e.g. when accessed through SDIO) making it unuseable on e.g. the OpenPandora. We solve this by allocating temporary buffers or use wl1251_read32(). Tested on v5.18-rc5 with OpenPandora. The Linux kernel CVE team has assigned CVE-2022-49500 to this issue. Affected and fixed versions =========================== Issue introduced in 5.18 with commit a1c510d0adc604bb143c86052bc5be48cbcfa17c and fixed in 5.18.3 with commit da03bbfbf5acd1ab0b074617e865ad1e8a5779ef Issue introduced in 5.18 with commit a1c510d0adc604bb143c86052bc5be48cbcfa17c and fixed in 5.19 with commit 454744754cbf2c21b3fc7344e46e10bee2768094 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2022-49500 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/net/wireless/ti/wl1251/event.c drivers/net/wireless/ti/wl1251/io.c drivers/net/wireless/ti/wl1251/tx.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/da03bbfbf5acd1ab0b074617e865ad1e8a5779ef https://git.kernel.org/stable/c/454744754cbf2c21b3fc7344e46e10bee2768094
Powered by blists - more mailing lists