fkie_cve-2024-36019
Vulnerability from fkie_nvd
Published
2024-05-30 15:15
Modified
2024-11-21 09:21
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
regmap: maple: Fix cache corruption in regcache_maple_drop()
When keeping the upper end of a cache block entry, the entry[] array
must be indexed by the offset from the base register of the block,
i.e. max - mas.index.
The code was indexing entry[] by only the register address, leading
to an out-of-bounds access that copied some part of the kernel
memory over the cache contents.
This bug was not detected by the regmap KUnit test because it only
tests with a block of registers starting at 0, so mas.index == 0.
References
Impacted products
| Vendor | Product | Version |
|---|
{
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nregmap: maple: Fix cache corruption in regcache_maple_drop()\n\nWhen keeping the upper end of a cache block entry, the entry[] array\nmust be indexed by the offset from the base register of the block,\ni.e. max - mas.index.\n\nThe code was indexing entry[] by only the register address, leading\nto an out-of-bounds access that copied some part of the kernel\nmemory over the cache contents.\n\nThis bug was not detected by the regmap KUnit test because it only\ntests with a block of registers starting at 0, so mas.index == 0."
},
{
"lang": "es",
"value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: regmap: maple: corrige la corrupci\u00f3n de la cach\u00e9 en regcache_maple_drop() Cuando se mantiene el extremo superior de una entrada de bloque de cach\u00e9, la matriz de entrada[] debe indexarse seg\u00fan el desplazamiento del registro base de el bloque, es decir, max - mas.index. El c\u00f3digo indexaba la entrada [] solo por la direcci\u00f3n de registro, lo que generaba un acceso fuera de los l\u00edmites que copiaba parte de la memoria del kernel sobre el contenido de la cach\u00e9. Este error no fue detectado por la prueba regmap KUnit porque solo prueba con un bloque de registros que comienza en 0, por lo que mas.index == 0."
}
],
"id": "CVE-2024-36019",
"lastModified": "2024-11-21T09:21:26.973",
"metrics": {},
"published": "2024-05-30T15:15:49.027",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/00bb549d7d63a21532e76e4a334d7807a54d9f31"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/3af6c5ac72dc5b721058132a0a1d7779e443175e"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"url": "https://git.kernel.org/stable/c/51c4440b9d3fd7c8234e6de9170a487c03506e53"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://git.kernel.org/stable/c/00bb549d7d63a21532e76e4a334d7807a54d9f31"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://git.kernel.org/stable/c/3af6c5ac72dc5b721058132a0a1d7779e443175e"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://git.kernel.org/stable/c/51c4440b9d3fd7c8234e6de9170a487c03506e53"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Awaiting Analysis"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.