| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025091146-CVE-2025-39772-ddb9@gregkh> Date: Thu, 11 Sep 2025 18:56:51 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2025-39772: drm/hisilicon/hibmc: fix the hibmc loaded failed bug From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: drm/hisilicon/hibmc: fix the hibmc loaded failed bug When hibmc loaded failed, the driver use hibmc_unload to free the resource, but the mutexes in mode.config are not init, which will access an NULL pointer. Just change goto statement to return, because hibnc_hw_init() doesn't need to free anything. The Linux kernel CVE team has assigned CVE-2025-39772 to this issue. Affected and fixed versions =========================== Issue introduced in 4.14 with commit b3df5e65cc03696b0624a877d03a3ddf3ef43f52 and fixed in 5.15.190 with commit ddf1691f25345699296e642f0f59f2d464722fa3 Issue introduced in 4.14 with commit b3df5e65cc03696b0624a877d03a3ddf3ef43f52 and fixed in 6.1.149 with commit c950e1be3a24d021475b56efdb49daa7fbba63a9 Issue introduced in 4.14 with commit b3df5e65cc03696b0624a877d03a3ddf3ef43f52 and fixed in 6.6.103 with commit f93032e5d68f459601c701f6ab087b5feb3382e8 Issue introduced in 4.14 with commit b3df5e65cc03696b0624a877d03a3ddf3ef43f52 and fixed in 6.12.44 with commit a4f1b9c57092c48bdc7958abd23403ccaed437b2 Issue introduced in 4.14 with commit b3df5e65cc03696b0624a877d03a3ddf3ef43f52 and fixed in 6.16.4 with commit d3e774266c28aefab3e9db334fdf568f936cae04 Issue introduced in 4.14 with commit b3df5e65cc03696b0624a877d03a3ddf3ef43f52 and fixed in 6.17-rc3 with commit 93a08f856fcc5aaeeecad01f71bef3088588216a Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2025-39772 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: drivers/gpu/drm/hisilicon/hibmc/hibmc_drm_drv.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/ddf1691f25345699296e642f0f59f2d464722fa3 https://git.kernel.org/stable/c/c950e1be3a24d021475b56efdb49daa7fbba63a9 https://git.kernel.org/stable/c/f93032e5d68f459601c701f6ab087b5feb3382e8 https://git.kernel.org/stable/c/a4f1b9c57092c48bdc7958abd23403ccaed437b2 https://git.kernel.org/stable/c/d3e774266c28aefab3e9db334fdf568f936cae04 https://git.kernel.org/stable/c/93a08f856fcc5aaeeecad01f71bef3088588216a
Powered by blists - more mailing lists