7.8

CVE-2024-47751

PCI: kirin: Fix buffer overflow in kirin_pcie_parse_port()

In the Linux kernel, the following vulnerability has been resolved:

PCI: kirin: Fix buffer overflow in kirin_pcie_parse_port()

Within kirin_pcie_parse_port(), the pcie->num_slots is compared to
pcie->gpio_id_reset size (MAX_PCI_SLOTS) which is correct and would lead
to an overflow.

Thus, fix condition to pcie->num_slots + 1 >= MAX_PCI_SLOTS and move
pcie->num_slots increment below the if-statement to avoid out-of-bounds
array access.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

[kwilczynski: commit log]
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LinuxLinux Kernel Version >= 5.16 < 6.1.113
LinuxLinux Kernel Version >= 6.2 < 6.6.54
LinuxLinux Kernel Version >= 6.7 < 6.10.13
LinuxLinux Kernel Version >= 6.11 < 6.11.2
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.23% 0.138
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 1.8 5.9
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.

https://git.kernel.org/stable/c/6dcc5b49d6607a741a14122bf3105f3ac50d259e
Patch
https://git.kernel.org/stable/c/95248d7497bcbfe7deed4805469c6ff6ddd7f9d1
Patch
https://git.kernel.org/stable/c/a5f795f9412854df28e66679c5e6b68b0b79c229
Patch
https://git.kernel.org/stable/c/aeb0335971806e15ac91e838ca471936c8e7efd5
Patch
https://git.kernel.org/stable/c/c500a86693a126c9393e602741e348f80f1b0fc5
Patch
https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html