7.8

CVE-2024-27075

media: dvb-frontends: avoid stack overflow warnings with clang

In the Linux kernel, the following vulnerability has been resolved:

media: dvb-frontends: avoid stack overflow warnings with clang

A previous patch worked around a KASAN issue in stv0367, now a similar
problem showed up with clang:

drivers/media/dvb-frontends/stv0367.c:1222:12: error: stack frame size (3624) exceeds limit (2048) in 'stv0367ter_set_frontend' [-Werror,-Wframe-larger-than]
 1214 | static int stv0367ter_set_frontend(struct dvb_frontend *fe)

Rework the stv0367_writereg() function to be simpler and mark both
register access functions as noinline_for_stack so the temporary
i2c_msg structures do not get duplicated on the stack when KASAN_STACK
is enabled.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 4.4.168 < 4.5
LinuxLinux Kernel Version >= 4.9.82 < 4.10
LinuxLinux Kernel Version >= 4.14.20 < 4.15
LinuxLinux Kernel Version >= 4.15.4 < 4.19.311
LinuxLinux Kernel Version >= 4.20 < 5.4.273
LinuxLinux Kernel Version >= 5.5 < 5.10.214
LinuxLinux Kernel Version >= 5.11 < 5.15.153
LinuxLinux Kernel Version >= 5.16 < 6.1.83
LinuxLinux Kernel Version >= 6.2 < 6.6.23
LinuxLinux Kernel Version >= 6.7 < 6.7.11
LinuxLinux Kernel Version >= 6.8 < 6.8.2
DebianDebian Linux Version10.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.33% 0.246
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Es wurden noch keine Informationen zu CWE veröffentlicht.
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
Third Party Advisory
Mailing List
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
Third Party Advisory
Mailing List
https://git.kernel.org/stable/c/107052a8cfeff3a97326277192b4f052e4860a8a
Patch
https://git.kernel.org/stable/c/7a4cf27d1f0538f779bf31b8c99eda394e277119
Patch
https://git.kernel.org/stable/c/8fad9c5bb00d3a9508d18bbfe832e33a47377730
Patch
https://git.kernel.org/stable/c/c073c8cede5abd3836e83d70d72606d11d0759d4
Patch
https://git.kernel.org/stable/c/d20b64f156de5d10410963fe238d82a4e7e97a2f
Patch
https://git.kernel.org/stable/c/d6b4895197ab5a47cb81c6852d49320b05052960
Patch
https://git.kernel.org/stable/c/ed514ecf4f29c80a2f09ae3c877059b401efe893
Patch
https://git.kernel.org/stable/c/fa8b472952ef46eb632825051078c21ce0cafe55
Patch
https://git.kernel.org/stable/c/fb07104a02e87c06c39914d13ed67fd8f839ca82
Patch