009f3aca85
JIRA: https://issues.redhat.com/browse/RHEL-29457
CVE: CVE-2023-52614
commit 08e23d05fa6dc4fc13da0ccf09defdd4bbc92ff4
Author: Christian Marangi <ansuelsmth@gmail.com>
Date: Tue, 24 Oct 2023 20:30:15 +0200
Fix buffer overflow in trans_stat_show().
Convert simple snprintf to the more secure scnprintf with size of
PAGE_SIZE.
Add condition checking if we are exceeding PAGE_SIZE and exit early from
loop. Also add at the end a warning that we exceeded PAGE_SIZE and that
stats is disabled.
Return -EFBIG in the case where we don't have enough space to write the
full transition table.
Also document in the ABI that this function can return -EFBIG error.
Link: https://lore.kernel.org/all/20231024183016.14648-2-ansuelsmth@gmail.com/
Cc: stable@vger.kernel.org
Closes: https://bugzilla.kernel.org/show_bug.cgi?id=218041
Fixes:
|
||
|---|---|---|
| .. | ||
| event | ||
| Kconfig | ||
| Makefile | ||
| devfreq-event.c | ||
| devfreq.c | ||
| exynos-bus.c | ||
| governor.h | ||
| governor_passive.c | ||
| governor_performance.c | ||
| governor_powersave.c | ||
| governor_simpleondemand.c | ||
| governor_userspace.c | ||
| imx-bus.c | ||
| imx8m-ddrc.c | ||
| rk3399_dmc.c | ||
| tegra30-devfreq.c | ||