2320789 – (CVE-2022-48952) CVE-2022-48952 kernel: PCI: mt7621: Add sentinel to quirks table

Bug 2320789 (CVE-2022-48952) - CVE-2022-48952 kernel: PCI: mt7621: Add sentinel to quirks table

Summary: CVE-2022-48952 kernel: PCI: mt7621: Add sentinel to quirks table

Keywords:
Status:	NEW
Alias:	CVE-2022-48952
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2024-10-21 22:04 UTC by OSIDB Bzimport
Modified:	2024-10-22 05:22 UTC (History)
CC List:	4 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2024-10-21 22:04:23 UTC

In the Linux kernel, the following vulnerability has been resolved:

PCI: mt7621: Add sentinel to quirks table

Current driver is missing a sentinel in the struct soc_device_attribute
array, which causes an oops when assessed by the
soc_device_match(mt7621_pcie_quirks_match) call.

This was only exposed once the CONFIG_SOC_MT7621 mt7621 soc_dev_attr
was fixed to register the SOC as a device, in:

commit 7c18b64bba3b ("mips: ralink: mt7621: do not use kzalloc too early")

Fix it by adding the required sentinel.

Comment 1 Avinash Hanwate 2024-10-22 05:17:23 UTC

Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2024102141-CVE-2022-48952-a932@gregkh/T

Note You need to log in before you can comment on or make changes to this bug.