Bug 2313122 (CVE-2024-46774) - CVE-2024-46774 kernel: powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas()
Summary: CVE-2024-46774 kernel: powerpc/rtas: Prevent Spectre v1 gadget construction i...
Keywords:
Status: NEW
Alias: CVE-2024-46774
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On: 2313229
Blocks:
TreeView+ depends on / blocked
 
Reported: 2024-09-18 08:22 UTC by OSIDB Bzimport
Modified: 2026-02-04 04:01 UTC (History)
5 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)

Description OSIDB Bzimport 2024-09-18 08:22:32 UTC 
In the Linux kernel, the following vulnerability has been resolved:

powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas()

Smatch warns:

  arch/powerpc/kernel/rtas.c:1932 __do_sys_rtas() warn: potential
  spectre issue 'args.args' [r] (local cap)

The 'nargs' and 'nret' locals come directly from a user-supplied
buffer and are used as indexes into a small stack-based array and as
inputs to copy_to_user() after they are subject to bounds checks.

Use array_index_nospec() after the bounds checks to clamp these values
for speculative execution.
Comment 1 Michal Findra 2024-09-18 11:13:56 UTC 
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2024091847-CVE-2024-46774-48d9@gregkh/T
Comment 3 harryy 2026-02-04 04:01:37 UTC 
Honestly impressed from the very first glance. The way this team explains their work shows real pride and experience in professional masonry services. While browsing https://www.fairfieldmasonrypros.com you can clearly feel the focus on quality, detail, and customer satisfaction. Everything is laid out simply, making it easy to trust their process and skills. Great work overall—this is the kind of craftsmanship people look for.
Note You need to log in before you can comment on or make changes to this bug.