CVE-2024-50129

Adjust the loop limit to prevent out-of-bounds access when iterating over PI structures. The loop should not reach the index pcdev->nrlines since we allocate exactly pcdev->nrlines number of PI structures. This fix ensures proper bounds are maintained during iterations.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

9be9567a7c59b7314ea776f56945fe3fc28efe99

Fixed

50ea68146d82f34b3ad80d8290ef8222136dedd7

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

9be9567a7c59b7314ea776f56945fe3fc28efe99

Fixed

f2767a41959e60763949c73ee180e40c686e807e

Affected versions

v6.*

v6.10

v6.10-rc1

v6.10-rc2

v6.10-rc3

v6.10-rc4

v6.10-rc5

v6.10-rc6

v6.10-rc7

v6.11

v6.11-rc1

v6.11-rc2

v6.11-rc3

v6.11-rc4

v6.11-rc5

v6.11-rc6

v6.11-rc7

v6.11.1

v6.11.2

v6.11.3

v6.11.4

v6.11.5

v6.12-rc1

v6.12-rc2

v6.12-rc3

v6.9

v6.9-rc5

v6.9-rc6

v6.9-rc7

Database specific

vanir_signatures

[
    {
        "signature_type": "Function",
        "signature_version": "v1",
        "id": "CVE-2024-50129-269eabfd",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@50ea68146d82f34b3ad80d8290ef8222136dedd7",
        "digest": {
            "function_hash": "22494086198623309352359062313329311629",
            "length": 202.0
        },
        "target": {
            "file": "drivers/net/pse-pd/pse_core.c",
            "function": "of_pse_match_pi"
        }
    },
    {
        "signature_type": "Line",
        "signature_version": "v1",
        "id": "CVE-2024-50129-c8815adb",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@50ea68146d82f34b3ad80d8290ef8222136dedd7",
        "digest": {
            "line_hashes": [
                "188911112781243809137131697985850126703",
                "202391932632387128856476966575683927617",
                "52707982733351153833360891794442883918",
                "94952536613317078946548958834145149822",
                "6703260131101181877711400990577278114",
                "4343692255437314862835293149273799547",
                "269032884550687161511332883856011654081",
                "289607770276769328549269179240430984362"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "drivers/net/pse-pd/pse_core.c"
        }
    },
    {
        "signature_type": "Function",
        "signature_version": "v1",
        "id": "CVE-2024-50129-f54e5590",
        "deprecated": false,
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@50ea68146d82f34b3ad80d8290ef8222136dedd7",
        "digest": {
            "function_hash": "281391628878689271592478531185641079793",
            "length": 290.0
        },
        "target": {
            "file": "drivers/net/pse-pd/pse_core.c",
            "function": "pse_release_pis"
        }
    }
]

CVE-2024-50129

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Affected versions

v6.*

Database specific

vanir_signatures

Linux / Kernel

Package

Affected ranges