APPLIED: [SRU][N][PATCH 0/1] CVE-2024-42159
Roxana Nicolescu
roxana.nicolescu at canonical.com
Mon Aug 26 06:49:46 UTC 2024
On 21/08/2024 17:18, Massimiliano Pellizzer wrote:
> [Impact]
>
> scsi: mpi3mr: Sanitise num_phys
>
> Information is stored in mr_sas_port->phy_mask, values larger then size of
> this field shouldn't be allowed.
>
> [Fix]
>
> Noble: Cherry picked cleanly from linux-6.9.y
> Jammy: Not affected
> Focal: Not affected
> Bionic: Not affected
> Xenial: Not affected
>
> [Test Case]
>
> Compile and boot tested.
>
> [Where problems could occur]
>
> The fix affects the mpi3mr SCSI driver. An issue with this fix would
> cause failures in RAID controller initialization or communication,
> potentially leading to storage device detection problems or I/O errors
> during data transfer.
>
> Tomas Henzl (1):
> scsi: mpi3mr: Sanitise num_phys
>
> drivers/scsi/mpi3mr/mpi3mr_transport.c | 10 ++++++++++
> 1 file changed, 10 insertions(+)
>
Applied to noble:linux master-next branch. Thanks!
More information about the kernel-team
mailing list