cve/published/2024/CVE-2024-57906.mbox - pub/scm/linux/security/vulns - Git at Google

 From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
 From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
 To: <linux-cve-announce@vger.kernel.org>
 Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
 Subject: CVE-2024-57906: iio: adc: ti-ads8688: fix information leak in triggered buffer

 Description
 ===========

 In the Linux kernel, the following vulnerability has been resolved:

 iio: adc: ti-ads8688: fix information leak in triggered buffer

 The 'buffer' local array is used to push data to user space from a
 triggered buffer, but it does not set values for inactive channels, as
 it only uses iio_for_each_active_channel() to assign new values.

 Initialize the array to zero before using it to avoid pushing
 uninitialized information to userspace.

 The Linux kernel CVE team has assigned CVE-2024-57906 to this issue.


 Affected and fixed versions
 ===========================

 	Issue introduced in 5.4.132 with commit 26aa12ef64ee997d293659bbf645c6df99fb73e5 and fixed in 5.4.290 with commit 1c80a0985a9a14f33dbf63cd703ca010f094f878
 	Issue introduced in 5.10.50 with commit c923e9effe50b0a83e74e1940afbecef5456bfda and fixed in 5.10.234 with commit 3bf8d1e87939b8a19c9b738564fddf5b73322f2f
 	Issue introduced in 5.14 with commit 61fa5dfa5f52806f5ce37a0ba5712c271eb22f98 and fixed in 5.15.177 with commit aae96738006840533cf147ffd5f41830987f21c5
 	Issue introduced in 5.14 with commit 61fa5dfa5f52806f5ce37a0ba5712c271eb22f98 and fixed in 6.1.125 with commit ebe2672bc42a0dfe31bb539f8ce79d024aa7e46d
 	Issue introduced in 5.14 with commit 61fa5dfa5f52806f5ce37a0ba5712c271eb22f98 and fixed in 6.6.72 with commit 455df95eb8f24a37abc549d6738fc8ee07eb623b
 	Issue introduced in 5.14 with commit 61fa5dfa5f52806f5ce37a0ba5712c271eb22f98 and fixed in 6.12.10 with commit 485570ed82b7a6bb109fa1d0a79998e21f7f4c73
 	Issue introduced in 5.14 with commit 61fa5dfa5f52806f5ce37a0ba5712c271eb22f98 and fixed in 6.13 with commit 2a7377ccfd940cd6e9201756aff1e7852c266e69
 	Issue introduced in 4.19.198 with commit 91664385e6c49f1e961e822f2d024776ac22102a
 	Issue introduced in 5.12.17 with commit a65024fc5754f2fca73541373a2502bef603565b
 	Issue introduced in 5.13.2 with commit 3563bb70d6baa0a5e8082397e13f62f26053c04d

 Please see https://www.kernel.org for a full list of currently supported
 kernel versions by the kernel community.

 Unaffected versions might change over time as fixes are backported to
 older supported kernel versions.  The official CVE entry at
 	https://cve.org/CVERecord/?id=CVE-2024-57906
 will be updated if fixes are backported, please check that for the most
 up to date information about this issue.


 Affected files
 ==============

 The file(s) affected by this issue are:
 	drivers/iio/adc/ti-ads8688.c


 Mitigation
 ==========

 The Linux kernel CVE team recommends that you update to the latest
 stable kernel version for this, and many other bugfixes.  Individual
 changes are never tested alone, but rather are part of a larger kernel
 release.  Cherry-picking individual commits is not recommended or
 supported by the Linux kernel community at all.  If however, updating to
 the latest release is impossible, the individual changes to resolve this
 issue can be found at these commits:
 	https://git.kernel.org/stable/c/1c80a0985a9a14f33dbf63cd703ca010f094f878
 	https://git.kernel.org/stable/c/3bf8d1e87939b8a19c9b738564fddf5b73322f2f
 	https://git.kernel.org/stable/c/aae96738006840533cf147ffd5f41830987f21c5
 	https://git.kernel.org/stable/c/ebe2672bc42a0dfe31bb539f8ce79d024aa7e46d
 	https://git.kernel.org/stable/c/455df95eb8f24a37abc549d6738fc8ee07eb623b
 	https://git.kernel.org/stable/c/485570ed82b7a6bb109fa1d0a79998e21f7f4c73
 	https://git.kernel.org/stable/c/2a7377ccfd940cd6e9201756aff1e7852c266e69
	From bippy-5f407fcff5a0 Mon Sep 17 00:00:00 2001
	From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	To: <linux-cve-announce@vger.kernel.org>
	Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
	Subject: CVE-2024-57906: iio: adc: ti-ads8688: fix information leak in triggered buffer

	Description
	===========

	In the Linux kernel, the following vulnerability has been resolved:

	iio: adc: ti-ads8688: fix information leak in triggered buffer

	The 'buffer' local array is used to push data to user space from a
	triggered buffer, but it does not set values for inactive channels, as
	it only uses iio_for_each_active_channel() to assign new values.

	Initialize the array to zero before using it to avoid pushing
	uninitialized information to userspace.

	The Linux kernel CVE team has assigned CVE-2024-57906 to this issue.


	Affected and fixed versions
	===========================

	Issue introduced in 5.4.132 with commit 26aa12ef64ee997d293659bbf645c6df99fb73e5 and fixed in 5.4.290 with commit 1c80a0985a9a14f33dbf63cd703ca010f094f878
	Issue introduced in 5.10.50 with commit c923e9effe50b0a83e74e1940afbecef5456bfda and fixed in 5.10.234 with commit 3bf8d1e87939b8a19c9b738564fddf5b73322f2f
	Issue introduced in 5.14 with commit 61fa5dfa5f52806f5ce37a0ba5712c271eb22f98 and fixed in 5.15.177 with commit aae96738006840533cf147ffd5f41830987f21c5
	Issue introduced in 5.14 with commit 61fa5dfa5f52806f5ce37a0ba5712c271eb22f98 and fixed in 6.1.125 with commit ebe2672bc42a0dfe31bb539f8ce79d024aa7e46d
	Issue introduced in 5.14 with commit 61fa5dfa5f52806f5ce37a0ba5712c271eb22f98 and fixed in 6.6.72 with commit 455df95eb8f24a37abc549d6738fc8ee07eb623b
	Issue introduced in 5.14 with commit 61fa5dfa5f52806f5ce37a0ba5712c271eb22f98 and fixed in 6.12.10 with commit 485570ed82b7a6bb109fa1d0a79998e21f7f4c73
	Issue introduced in 5.14 with commit 61fa5dfa5f52806f5ce37a0ba5712c271eb22f98 and fixed in 6.13 with commit 2a7377ccfd940cd6e9201756aff1e7852c266e69
	Issue introduced in 4.19.198 with commit 91664385e6c49f1e961e822f2d024776ac22102a
	Issue introduced in 5.12.17 with commit a65024fc5754f2fca73541373a2502bef603565b
	Issue introduced in 5.13.2 with commit 3563bb70d6baa0a5e8082397e13f62f26053c04d

	Please see https://www.kernel.org for a full list of currently supported
	kernel versions by the kernel community.

	Unaffected versions might change over time as fixes are backported to
	older supported kernel versions. The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2024-57906
	will be updated if fixes are backported, please check that for the most
	up to date information about this issue.


	Affected files
	==============

	The file(s) affected by this issue are:
	drivers/iio/adc/ti-ads8688.c


	Mitigation
	==========

	The Linux kernel CVE team recommends that you update to the latest
	stable kernel version for this, and many other bugfixes. Individual
	changes are never tested alone, but rather are part of a larger kernel
	release. Cherry-picking individual commits is not recommended or
	supported by the Linux kernel community at all. If however, updating to
	the latest release is impossible, the individual changes to resolve this
	issue can be found at these commits:
	https://git.kernel.org/stable/c/1c80a0985a9a14f33dbf63cd703ca010f094f878
	https://git.kernel.org/stable/c/3bf8d1e87939b8a19c9b738564fddf5b73322f2f
	https://git.kernel.org/stable/c/aae96738006840533cf147ffd5f41830987f21c5
	https://git.kernel.org/stable/c/ebe2672bc42a0dfe31bb539f8ce79d024aa7e46d
	https://git.kernel.org/stable/c/455df95eb8f24a37abc549d6738fc8ee07eb623b
	https://git.kernel.org/stable/c/485570ed82b7a6bb109fa1d0a79998e21f7f4c73
	https://git.kernel.org/stable/c/2a7377ccfd940cd6e9201756aff1e7852c266e69