| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025122426-CVE-2023-54056-fd56@gregkh> Date: Wed, 24 Dec 2025 13:26:49 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2023-54056: kheaders: Use array declaration instead of char From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: kheaders: Use array declaration instead of char Under CONFIG_FORTIFY_SOURCE, memcpy() will check the size of destination and source buffers. Defining kernel_headers_data as "char" would trip this check. Since these addresses are treated as byte arrays, define them as arrays (as done everywhere else). This was seen with: $ cat /sys/kernel/kheaders.tar.xz >> /dev/null detected buffer overflow in memcpy kernel BUG at lib/string_helpers.c:1027! ... RIP: 0010:fortify_panic+0xf/0x20 [...] Call Trace: <TASK> ikheaders_read+0x45/0x50 [kheaders] kernfs_fop_read_iter+0x1a4/0x2f0 ... The Linux kernel CVE team has assigned CVE-2023-54056 to this issue. Affected and fixed versions =========================== Issue introduced in 5.2 with commit 43d8ce9d65a54846d378545770991e65838981e0 and fixed in 5.4.243 with commit 719459877d58c8aced5845c1e5b98d8d87d09197 Issue introduced in 5.2 with commit 43d8ce9d65a54846d378545770991e65838981e0 and fixed in 5.10.180 with commit fcd2da2e6bf2640a31a2a5b118b50dc3635c707b Issue introduced in 5.2 with commit 43d8ce9d65a54846d378545770991e65838981e0 and fixed in 5.15.111 with commit 4a07d2d511e2703efd4387891d49e0326f1157f3 Issue introduced in 5.2 with commit 43d8ce9d65a54846d378545770991e65838981e0 and fixed in 6.1.28 with commit b9f6845a492de20679b84bda6b08be347c5819da Issue introduced in 5.2 with commit 43d8ce9d65a54846d378545770991e65838981e0 and fixed in 6.2.15 with commit d6d1af6b8611801b585c53c0cc63626c8d339e96 Issue introduced in 5.2 with commit 43d8ce9d65a54846d378545770991e65838981e0 and fixed in 6.3.2 with commit 82d2e01b95c439fe55fab5e04fc83387c42d3a48 Issue introduced in 5.2 with commit 43d8ce9d65a54846d378545770991e65838981e0 and fixed in 6.4 with commit b69edab47f1da8edd8e7bfdf8c70f51a2a5d89fb Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2023-54056 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: kernel/kheaders.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/719459877d58c8aced5845c1e5b98d8d87d09197 https://git.kernel.org/stable/c/fcd2da2e6bf2640a31a2a5b118b50dc3635c707b https://git.kernel.org/stable/c/4a07d2d511e2703efd4387891d49e0326f1157f3 https://git.kernel.org/stable/c/b9f6845a492de20679b84bda6b08be347c5819da https://git.kernel.org/stable/c/d6d1af6b8611801b585c53c0cc63626c8d339e96 https://git.kernel.org/stable/c/82d2e01b95c439fe55fab5e04fc83387c42d3a48 https://git.kernel.org/stable/c/b69edab47f1da8edd8e7bfdf8c70f51a2a5d89fb
Powered by blists - more mailing lists