lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <aAicoAmxX0B_O3Ok@tiehlicka>
Date: Wed, 23 Apr 2025 09:54:08 +0200
From: Michal Hocko <mhocko@...e.com>
To: cve@...nel.org, linux-kernel@...r.kernel.org
Cc: linux-cve-announce@...r.kernel.org,
	Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Subject: Re: CVE-2024-56705: media: atomisp: Add check for rgby_data memory
 allocation failure

Hi,
our internal tools which are working with vulns.git tree have noticed
that this CVE entry has been altered after the announcement.

There was an additional commit added to the CVE entry. The current state
is
$ cat cve/published/2024/CVE-2024-56705.sha1
ed61c59139509f76d3592683c90dc3fdc6e23cd6
51b8dc5163d2ff2bf04019f8bf7e3bd0e75bb654

There seem to be handful of other cases like this one AFAICS.

I have 3 questions:
1) What is 51b8dc5163d2 ("media: staging: atomisp: Remove driver")
   relation to the original CVE which seems to be about a missing memory
   allocation failure check?
2) What is the process when a CVE is altered? have I missed any email
   notification?
3) Until now CVE -> sha was a 1:1 mapping. Can we expect this to change
   and what exactly is the process here?

Thanks!

On Sat 28-12-24 10:45:57, Greg KH wrote:
> Description
> ===========
> 
> In the Linux kernel, the following vulnerability has been resolved:
> 
> media: atomisp: Add check for rgby_data memory allocation failure
> 
> In ia_css_3a_statistics_allocate(), there is no check on the allocation
> result of the rgby_data memory. If rgby_data is not successfully
> allocated, it may trigger the assert(host_stats->rgby_data) assertion in
> ia_css_s3a_hmem_decode(). Adding a check to fix this potential issue.
> 
> The Linux kernel CVE team has assigned CVE-2024-56705 to this issue.
> 
> 
> Affected and fixed versions
> ===========================
> 
> 	Issue introduced in 4.12 with commit a49d25364dfb9f8a64037488a39ab1f56c5fa419 and fixed in 5.10.231 with commit 0c24b82bc4d12c6a58ceacbf2598cd4df63abf9a
> 	Issue introduced in 4.12 with commit a49d25364dfb9f8a64037488a39ab1f56c5fa419 and fixed in 5.15.174 with commit 4676e50444046b498555b849e6080a5c78cdda9b
> 	Issue introduced in 4.12 with commit a49d25364dfb9f8a64037488a39ab1f56c5fa419 and fixed in 6.1.120 with commit 02a97d9d7ff605fa4a1f908d1bd3ad8573234b61
> 	Issue introduced in 4.12 with commit a49d25364dfb9f8a64037488a39ab1f56c5fa419 and fixed in 6.6.64 with commit 8066badaf7463194473fb4be19dbe50b11969aa0
> 	Issue introduced in 4.12 with commit a49d25364dfb9f8a64037488a39ab1f56c5fa419 and fixed in 6.11.11 with commit 74aa783682c4d78c69d87898e40c78df1fec204e
> 	Issue introduced in 4.12 with commit a49d25364dfb9f8a64037488a39ab1f56c5fa419 and fixed in 6.12.2 with commit 0c25ab93f2878cab07d37ca5afd302283201e5af
> 	Issue introduced in 4.12 with commit a49d25364dfb9f8a64037488a39ab1f56c5fa419 and fixed in 6.13-rc1 with commit ed61c59139509f76d3592683c90dc3fdc6e23cd6
> 
> Please see https://www.kernel.org for a full list of currently supported
> kernel versions by the kernel community.
> 
> Unaffected versions might change over time as fixes are backported to
> older supported kernel versions.  The official CVE entry at
> 	https://cve.org/CVERecord/?id=CVE-2024-56705
> will be updated if fixes are backported, please check that for the most
> up to date information about this issue.
> 
> 
> Affected files
> ==============
> 
> The file(s) affected by this issue are:
> 	drivers/staging/media/atomisp/pci/sh_css_params.c
> 
> 
> Mitigation
> ==========
> 
> The Linux kernel CVE team recommends that you update to the latest
> stable kernel version for this, and many other bugfixes.  Individual
> changes are never tested alone, but rather are part of a larger kernel
> release.  Cherry-picking individual commits is not recommended or
> supported by the Linux kernel community at all.  If however, updating to
> the latest release is impossible, the individual changes to resolve this
> issue can be found at these commits:
> 	https://git.kernel.org/stable/c/0c24b82bc4d12c6a58ceacbf2598cd4df63abf9a
> 	https://git.kernel.org/stable/c/4676e50444046b498555b849e6080a5c78cdda9b
> 	https://git.kernel.org/stable/c/02a97d9d7ff605fa4a1f908d1bd3ad8573234b61
> 	https://git.kernel.org/stable/c/8066badaf7463194473fb4be19dbe50b11969aa0
> 	https://git.kernel.org/stable/c/74aa783682c4d78c69d87898e40c78df1fec204e
> 	https://git.kernel.org/stable/c/0c25ab93f2878cab07d37ca5afd302283201e5af
> 	https://git.kernel.org/stable/c/ed61c59139509f76d3592683c90dc3fdc6e23cd6

-- 
Michal Hocko
SUSE Labs

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ