cve/published/2022/CVE-2022-49832.mbox - pub/scm/linux/security/vulns - Git at Google

 From bippy-1.1.0 Mon Sep 17 00:00:00 2001
 From: Greg Kroah-Hartman <gregkh@kernel.org>
 To: <linux-cve-announce@vger.kernel.org>
 Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
 Subject: CVE-2022-49832: pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map

 Description
 ===========

 In the Linux kernel, the following vulnerability has been resolved:

 pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map

 Here is the BUG report by KASAN about null pointer dereference:

 BUG: KASAN: null-ptr-deref in strcmp+0x2e/0x50
 Read of size 1 at addr 0000000000000000 by task python3/2640
 Call Trace:
  strcmp
  __of_find_property
  of_find_property
  pinctrl_dt_to_map

 kasprintf() would return NULL pointer when kmalloc() fail to allocate.
 So directly return ENOMEM, if kasprintf() return NULL pointer.

 The Linux kernel CVE team has assigned CVE-2022-49832 to this issue.


 Affected and fixed versions
 ===========================

 	Issue introduced in 3.5 with commit 57291ce295c0aca738dd284c4a9c591c09ebee71 and fixed in 4.9.334 with commit aaf552c5d53abe4659176e099575fe870d2e4768
 	Issue introduced in 3.5 with commit 57291ce295c0aca738dd284c4a9c591c09ebee71 and fixed in 4.14.300 with commit b4d9f55cd38435358bc16d580612bc0d798d7b4c
 	Issue introduced in 3.5 with commit 57291ce295c0aca738dd284c4a9c591c09ebee71 and fixed in 4.19.267 with commit a988dcd3dd9e691c5ccc3324b209688f3b5453e9
 	Issue introduced in 3.5 with commit 57291ce295c0aca738dd284c4a9c591c09ebee71 and fixed in 5.4.225 with commit 040f726fecd88121f3b95e70369785ad452dddf9
 	Issue introduced in 3.5 with commit 57291ce295c0aca738dd284c4a9c591c09ebee71 and fixed in 5.10.156 with commit 777430aa4ddccaa5accec6db90ffc1d47f00d471
 	Issue introduced in 3.5 with commit 57291ce295c0aca738dd284c4a9c591c09ebee71 and fixed in 5.15.80 with commit 97e5b508e96176f1a73888ed89df396d7041bfcb
 	Issue introduced in 3.5 with commit 57291ce295c0aca738dd284c4a9c591c09ebee71 and fixed in 6.0.10 with commit 5834a3a98cd266ad35a229923c0adbd0addc8d68
 	Issue introduced in 3.5 with commit 57291ce295c0aca738dd284c4a9c591c09ebee71 and fixed in 6.1 with commit 91d5c5060ee24fe8da88cd585bb43b843d2f0dce

 Please see https://www.kernel.org for a full list of currently supported
 kernel versions by the kernel community.

 Unaffected versions might change over time as fixes are backported to
 older supported kernel versions.  The official CVE entry at
 	https://cve.org/CVERecord/?id=CVE-2022-49832
 will be updated if fixes are backported, please check that for the most
 up to date information about this issue.


 Affected files
 ==============

 The file(s) affected by this issue are:
 	drivers/pinctrl/devicetree.c


 Mitigation
 ==========

 The Linux kernel CVE team recommends that you update to the latest
 stable kernel version for this, and many other bugfixes.  Individual
 changes are never tested alone, but rather are part of a larger kernel
 release.  Cherry-picking individual commits is not recommended or
 supported by the Linux kernel community at all.  If however, updating to
 the latest release is impossible, the individual changes to resolve this
 issue can be found at these commits:
 	https://git.kernel.org/stable/c/aaf552c5d53abe4659176e099575fe870d2e4768
 	https://git.kernel.org/stable/c/b4d9f55cd38435358bc16d580612bc0d798d7b4c
 	https://git.kernel.org/stable/c/a988dcd3dd9e691c5ccc3324b209688f3b5453e9
 	https://git.kernel.org/stable/c/040f726fecd88121f3b95e70369785ad452dddf9
 	https://git.kernel.org/stable/c/777430aa4ddccaa5accec6db90ffc1d47f00d471
 	https://git.kernel.org/stable/c/97e5b508e96176f1a73888ed89df396d7041bfcb
 	https://git.kernel.org/stable/c/5834a3a98cd266ad35a229923c0adbd0addc8d68
 	https://git.kernel.org/stable/c/91d5c5060ee24fe8da88cd585bb43b843d2f0dce
	From bippy-1.1.0 Mon Sep 17 00:00:00 2001
	From: Greg Kroah-Hartman <gregkh@kernel.org>
	To: <linux-cve-announce@vger.kernel.org>
	Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
	Subject: CVE-2022-49832: pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map

	Description
	===========

	In the Linux kernel, the following vulnerability has been resolved:

	pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map

	Here is the BUG report by KASAN about null pointer dereference:

	BUG: KASAN: null-ptr-deref in strcmp+0x2e/0x50
	Read of size 1 at addr 0000000000000000 by task python3/2640
	Call Trace:
	strcmp
	__of_find_property
	of_find_property
	pinctrl_dt_to_map

	kasprintf() would return NULL pointer when kmalloc() fail to allocate.
	So directly return ENOMEM, if kasprintf() return NULL pointer.

	The Linux kernel CVE team has assigned CVE-2022-49832 to this issue.


	Affected and fixed versions
	===========================

	Issue introduced in 3.5 with commit 57291ce295c0aca738dd284c4a9c591c09ebee71 and fixed in 4.9.334 with commit aaf552c5d53abe4659176e099575fe870d2e4768
	Issue introduced in 3.5 with commit 57291ce295c0aca738dd284c4a9c591c09ebee71 and fixed in 4.14.300 with commit b4d9f55cd38435358bc16d580612bc0d798d7b4c
	Issue introduced in 3.5 with commit 57291ce295c0aca738dd284c4a9c591c09ebee71 and fixed in 4.19.267 with commit a988dcd3dd9e691c5ccc3324b209688f3b5453e9
	Issue introduced in 3.5 with commit 57291ce295c0aca738dd284c4a9c591c09ebee71 and fixed in 5.4.225 with commit 040f726fecd88121f3b95e70369785ad452dddf9
	Issue introduced in 3.5 with commit 57291ce295c0aca738dd284c4a9c591c09ebee71 and fixed in 5.10.156 with commit 777430aa4ddccaa5accec6db90ffc1d47f00d471
	Issue introduced in 3.5 with commit 57291ce295c0aca738dd284c4a9c591c09ebee71 and fixed in 5.15.80 with commit 97e5b508e96176f1a73888ed89df396d7041bfcb
	Issue introduced in 3.5 with commit 57291ce295c0aca738dd284c4a9c591c09ebee71 and fixed in 6.0.10 with commit 5834a3a98cd266ad35a229923c0adbd0addc8d68
	Issue introduced in 3.5 with commit 57291ce295c0aca738dd284c4a9c591c09ebee71 and fixed in 6.1 with commit 91d5c5060ee24fe8da88cd585bb43b843d2f0dce

	Please see https://www.kernel.org for a full list of currently supported
	kernel versions by the kernel community.

	Unaffected versions might change over time as fixes are backported to
	older supported kernel versions. The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2022-49832
	will be updated if fixes are backported, please check that for the most
	up to date information about this issue.


	Affected files
	==============

	The file(s) affected by this issue are:
	drivers/pinctrl/devicetree.c


	Mitigation
	==========

	The Linux kernel CVE team recommends that you update to the latest
	stable kernel version for this, and many other bugfixes. Individual
	changes are never tested alone, but rather are part of a larger kernel
	release. Cherry-picking individual commits is not recommended or
	supported by the Linux kernel community at all. If however, updating to
	the latest release is impossible, the individual changes to resolve this
	issue can be found at these commits:
	https://git.kernel.org/stable/c/aaf552c5d53abe4659176e099575fe870d2e4768
	https://git.kernel.org/stable/c/b4d9f55cd38435358bc16d580612bc0d798d7b4c
	https://git.kernel.org/stable/c/a988dcd3dd9e691c5ccc3324b209688f3b5453e9
	https://git.kernel.org/stable/c/040f726fecd88121f3b95e70369785ad452dddf9
	https://git.kernel.org/stable/c/777430aa4ddccaa5accec6db90ffc1d47f00d471
	https://git.kernel.org/stable/c/97e5b508e96176f1a73888ed89df396d7041bfcb
	https://git.kernel.org/stable/c/5834a3a98cd266ad35a229923c0adbd0addc8d68
	https://git.kernel.org/stable/c/91d5c5060ee24fe8da88cd585bb43b843d2f0dce