cve/published/2024/CVE-2024-45028.mbox - pub/scm/linux/security/vulns - Git at Google

 From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 To: <linux-cve-announce@vger.kernel.org>
 Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
 Subject: CVE-2024-45028: mmc: mmc_test: Fix NULL dereference on allocation failure

 Description
 ===========

 In the Linux kernel, the following vulnerability has been resolved:

 mmc: mmc_test: Fix NULL dereference on allocation failure

 If the "test->highmem = alloc_pages()" allocation fails then calling
 __free_pages(test->highmem) will result in a NULL dereference.  Also
 change the error code to -ENOMEM instead of returning success.

 The Linux kernel CVE team has assigned CVE-2024-45028 to this issue.


 Affected and fixed versions
 ===========================

 	Issue introduced in 2.6.27 with commit 2661081f5ab9cb25359d27f88707a018cf4e68e9 and fixed in 4.19.321 with commit e97be13a9f51284da450dd2a592e3fa87b49cdc9
 	Issue introduced in 2.6.27 with commit 2661081f5ab9cb25359d27f88707a018cf4e68e9 and fixed in 5.4.283 with commit 2b507b03991f44dfb202fc2a82c9874d1b1f0c06
 	Issue introduced in 2.6.27 with commit 2661081f5ab9cb25359d27f88707a018cf4e68e9 and fixed in 5.10.225 with commit 9b9ba386d7bfdbc38445932c90fa9444c0524bea
 	Issue introduced in 2.6.27 with commit 2661081f5ab9cb25359d27f88707a018cf4e68e9 and fixed in 5.15.166 with commit e40515582141a9e7c84b269be699c05236a499a6
 	Issue introduced in 2.6.27 with commit 2661081f5ab9cb25359d27f88707a018cf4e68e9 and fixed in 6.1.107 with commit 3b4e76ceae5b5a46c968bd952f551ce173809f63
 	Issue introduced in 2.6.27 with commit 2661081f5ab9cb25359d27f88707a018cf4e68e9 and fixed in 6.6.48 with commit cac2815f49d343b2f0acc4973d2c14918ac3ab0c
 	Issue introduced in 2.6.27 with commit 2661081f5ab9cb25359d27f88707a018cf4e68e9 and fixed in 6.10.7 with commit ecb15b8ca12c0cbdab81e307e9795214d8b90890
 	Issue introduced in 2.6.27 with commit 2661081f5ab9cb25359d27f88707a018cf4e68e9 and fixed in 6.11 with commit a1e627af32ed60713941cbfc8075d44cad07f6dd

 Please see https://www.kernel.org for a full list of currently supported
 kernel versions by the kernel community.

 Unaffected versions might change over time as fixes are backported to
 older supported kernel versions.  The official CVE entry at
 	https://cve.org/CVERecord/?id=CVE-2024-45028
 will be updated if fixes are backported, please check that for the most
 up to date information about this issue.


 Affected files
 ==============

 The file(s) affected by this issue are:
 	drivers/mmc/core/mmc_test.c


 Mitigation
 ==========

 The Linux kernel CVE team recommends that you update to the latest
 stable kernel version for this, and many other bugfixes.  Individual
 changes are never tested alone, but rather are part of a larger kernel
 release.  Cherry-picking individual commits is not recommended or
 supported by the Linux kernel community at all.  If however, updating to
 the latest release is impossible, the individual changes to resolve this
 issue can be found at these commits:
 	https://git.kernel.org/stable/c/e97be13a9f51284da450dd2a592e3fa87b49cdc9
 	https://git.kernel.org/stable/c/2b507b03991f44dfb202fc2a82c9874d1b1f0c06
 	https://git.kernel.org/stable/c/9b9ba386d7bfdbc38445932c90fa9444c0524bea
 	https://git.kernel.org/stable/c/e40515582141a9e7c84b269be699c05236a499a6
 	https://git.kernel.org/stable/c/3b4e76ceae5b5a46c968bd952f551ce173809f63
 	https://git.kernel.org/stable/c/cac2815f49d343b2f0acc4973d2c14918ac3ab0c
 	https://git.kernel.org/stable/c/ecb15b8ca12c0cbdab81e307e9795214d8b90890
 	https://git.kernel.org/stable/c/a1e627af32ed60713941cbfc8075d44cad07f6dd
	From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
	From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	To: <linux-cve-announce@vger.kernel.org>
	Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
	Subject: CVE-2024-45028: mmc: mmc_test: Fix NULL dereference on allocation failure

	Description
	===========

	In the Linux kernel, the following vulnerability has been resolved:

	mmc: mmc_test: Fix NULL dereference on allocation failure

	If the "test->highmem = alloc_pages()" allocation fails then calling
	__free_pages(test->highmem) will result in a NULL dereference. Also
	change the error code to -ENOMEM instead of returning success.

	The Linux kernel CVE team has assigned CVE-2024-45028 to this issue.


	Affected and fixed versions
	===========================

	Issue introduced in 2.6.27 with commit 2661081f5ab9cb25359d27f88707a018cf4e68e9 and fixed in 4.19.321 with commit e97be13a9f51284da450dd2a592e3fa87b49cdc9
	Issue introduced in 2.6.27 with commit 2661081f5ab9cb25359d27f88707a018cf4e68e9 and fixed in 5.4.283 with commit 2b507b03991f44dfb202fc2a82c9874d1b1f0c06
	Issue introduced in 2.6.27 with commit 2661081f5ab9cb25359d27f88707a018cf4e68e9 and fixed in 5.10.225 with commit 9b9ba386d7bfdbc38445932c90fa9444c0524bea
	Issue introduced in 2.6.27 with commit 2661081f5ab9cb25359d27f88707a018cf4e68e9 and fixed in 5.15.166 with commit e40515582141a9e7c84b269be699c05236a499a6
	Issue introduced in 2.6.27 with commit 2661081f5ab9cb25359d27f88707a018cf4e68e9 and fixed in 6.1.107 with commit 3b4e76ceae5b5a46c968bd952f551ce173809f63
	Issue introduced in 2.6.27 with commit 2661081f5ab9cb25359d27f88707a018cf4e68e9 and fixed in 6.6.48 with commit cac2815f49d343b2f0acc4973d2c14918ac3ab0c
	Issue introduced in 2.6.27 with commit 2661081f5ab9cb25359d27f88707a018cf4e68e9 and fixed in 6.10.7 with commit ecb15b8ca12c0cbdab81e307e9795214d8b90890
	Issue introduced in 2.6.27 with commit 2661081f5ab9cb25359d27f88707a018cf4e68e9 and fixed in 6.11 with commit a1e627af32ed60713941cbfc8075d44cad07f6dd

	Please see https://www.kernel.org for a full list of currently supported
	kernel versions by the kernel community.

	Unaffected versions might change over time as fixes are backported to
	older supported kernel versions. The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2024-45028
	will be updated if fixes are backported, please check that for the most
	up to date information about this issue.


	Affected files
	==============

	The file(s) affected by this issue are:
	drivers/mmc/core/mmc_test.c


	Mitigation
	==========

	The Linux kernel CVE team recommends that you update to the latest
	stable kernel version for this, and many other bugfixes. Individual
	changes are never tested alone, but rather are part of a larger kernel
	release. Cherry-picking individual commits is not recommended or
	supported by the Linux kernel community at all. If however, updating to
	the latest release is impossible, the individual changes to resolve this
	issue can be found at these commits:
	https://git.kernel.org/stable/c/e97be13a9f51284da450dd2a592e3fa87b49cdc9
	https://git.kernel.org/stable/c/2b507b03991f44dfb202fc2a82c9874d1b1f0c06
	https://git.kernel.org/stable/c/9b9ba386d7bfdbc38445932c90fa9444c0524bea
	https://git.kernel.org/stable/c/e40515582141a9e7c84b269be699c05236a499a6
	https://git.kernel.org/stable/c/3b4e76ceae5b5a46c968bd952f551ce173809f63
	https://git.kernel.org/stable/c/cac2815f49d343b2f0acc4973d2c14918ac3ab0c
	https://git.kernel.org/stable/c/ecb15b8ca12c0cbdab81e307e9795214d8b90890
	https://git.kernel.org/stable/c/a1e627af32ed60713941cbfc8075d44cad07f6dd