摘要:
In the Linux kernel, the following vulnerability has been resolved:
ASoC: dapm: fix bounds checker error in dapm_widget_list_create
The widgets array in the snd_soc_dapm_widget_list has a __counted_by
attribute attached to it, which points to the num_widgets variable. This
attribute is used in bounds checking, and if it is not set before the
array is filled, then the bounds sanitizer will issue a warning or a
kernel panic if CONFIG_UBSAN_TRAP is set.
This patch sets the size of the widgets list calculated with
list_for_each as the initial value for num_widgets as it is used for
allocating memory for the array. It is updated with the actual number of
added elements after the array is filled.
安全等级: Low
公告ID: KylinSec-SA-2024-4458
发布日期: 2024年12月1日
关联CVE: CVE-2024-53045
In the Linux kernel, the following vulnerability has been resolved:
ASoC: dapm: fix bounds checker error in dapm_widget_list_create
The widgets array in the snd_soc_dapm_widget_list has a __counted_by
attribute attached to it, which points to the num_widgets variable. This
attribute is used in bounds checking, and if it is not set before the
array is filled, then the bounds sanitizer will issue a warning or a
kernel panic if CONFIG_UBSAN_TRAP is set.
This patch sets the size of the widgets list calculated with
list_for_each as the initial value for num_widgets as it is used for
allocating memory for the array. It is updated with the actual number of
added elements after the array is filled.
| cve名称 | 产品 | 组件 | 是否受影响 |
|---|---|---|---|
| CVE-2024-53045 | KY3.4-5A | kernel | Unaffected |
| CVE-2024-53045 | KY3.5.3 | kernel | Unaffected |
| CVE-2024-53045 | V6 | kernel | Unaffected |
