摘要:
In the Linux kernel, the following vulnerability has been resolved:
kunit/overflow: Fix UB in overflow_allocation_test
The 'device_name' array doesn't exist out of the
'overflow_allocation_test' function scope. However, it is being used as
a driver name when calling 'kunit_driver_create' from
'kunit_device_register'. It produces the kernel panic with KASAN
enabled.
Since this variable is used in one place only, remove it and pass the
device name into kunit_device_register directly as an ascii string.
安全等级: Low
公告ID: KylinSec-SA-2024-4036
发布日期: 2024年10月25日
关联CVE: CVE-2024-46823
In the Linux kernel, the following vulnerability has been resolved:
kunit/overflow: Fix UB in overflow_allocation_test
The 'device_name' array doesn't exist out of the
'overflow_allocation_test' function scope. However, it is being used as
a driver name when calling 'kunit_driver_create' from
'kunit_device_register'. It produces the kernel panic with KASAN
enabled.
Since this variable is used in one place only, remove it and pass the
device name into kunit_device_register directly as an ascii string.
| cve名称 | 产品 | 组件 | 是否受影响 |
|---|---|---|---|
| CVE-2024-46823 | KY3.4-5A | kernel | Unaffected |
| CVE-2024-46823 | KY3.5.2 | kernel | Unaffected |
| CVE-2024-46823 | V6 | kernel | Unaffected |
