ACK: [SRU][F][PATCH 0/1] CVE-2023-52488
Jian Hui Lee
jianhui.lee at canonical.com
Tue Oct 22 02:32:07 UTC 2024
Acked-by: Jian Hui Lee <jianhui.lee at canonical.com>
On Tue, Oct 22, 2024 at 1:03 AM Jacob Martin <jacob.martin at canonical.com>
wrote:
> [Impact]
>
> The sc16is7xx driver uses regmap_raw_read and regmap_raw_write to access
> the
> IC's FIFOs in a burst mode that doesn't increment the register address for
> each
> byte. The functions regmap_raw_read and regmap_raw_write assume that the
> register's address *is* incremented, update the regmap cache accordingly,
> and
> thus would end up corrupting it. The driver works around this by disabling
> the
> regmap cache while calling these functions. Fully resolve the issue by
> using
> the regmap_noinc_read and regmap_noinc_write functions, which correctly
> assume
> the register's address *is not* incremented.
>
> [Fix]
>
> Noble: Not affected
> Jammy: Fix released
> Focal: Backport from linux-5.10.y stable branch, context adjustments
> Bionic: Patchset sent to ESM list
> Xenial: Patchset sent to ESM list
> Trusty: Not affected
>
> [Test Case]
>
> Compile tested.
>
> [Where problems could occur]
>
> This change modifies the FIFO read/write behavior of the sc16is7xx driver.
> Issues with the fix would cause TTY serial connections utilizing the
> driver to
> misbehave.
>
> Hugo Villeneuve (1):
> serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for
> FIFO
>
> drivers/tty/serial/sc16is7xx.c | 15 +++++++++------
> 1 file changed, 9 insertions(+), 6 deletions(-)
>
> --
> 2.43.0
>
>
> --
> kernel-team mailing list
> kernel-team at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/kernel-team
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/kernel-team/attachments/20241022/51402bbd/attachment-0001.html>
More information about the kernel-team
mailing list