[SRU][F][PATCH 0/1] CVE-2023-52488
Jacob Martin
jacob.martin at canonical.com
Mon Oct 21 17:02:37 UTC 2024
[Impact]
The sc16is7xx driver uses regmap_raw_read and regmap_raw_write to access the
IC's FIFOs in a burst mode that doesn't increment the register address for each
byte. The functions regmap_raw_read and regmap_raw_write assume that the
register's address *is* incremented, update the regmap cache accordingly, and
thus would end up corrupting it. The driver works around this by disabling the
regmap cache while calling these functions. Fully resolve the issue by using
the regmap_noinc_read and regmap_noinc_write functions, which correctly assume
the register's address *is not* incremented.
[Fix]
Noble: Not affected
Jammy: Fix released
Focal: Backport from linux-5.10.y stable branch, context adjustments
Bionic: Patchset sent to ESM list
Xenial: Patchset sent to ESM list
Trusty: Not affected
[Test Case]
Compile tested.
[Where problems could occur]
This change modifies the FIFO read/write behavior of the sc16is7xx driver.
Issues with the fix would cause TTY serial connections utilizing the driver to
misbehave.
Hugo Villeneuve (1):
serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for
FIFO
drivers/tty/serial/sc16is7xx.c | 15 +++++++++------
1 file changed, 9 insertions(+), 6 deletions(-)
--
2.43.0
More information about the kernel-team
mailing list