cve/published/2024/CVE-2024-35943.mbox - pub/scm/linux/security/vulns - Git at Google

 From bippy-1.1.0 Mon Sep 17 00:00:00 2001
 From: Greg Kroah-Hartman <gregkh@kernel.org>
 To: <linux-cve-announce@vger.kernel.org>
 Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
 Subject: CVE-2024-35943: pmdomain: ti: Add a null pointer check to the omap_prm_domain_init

 Description
 ===========

 In the Linux kernel, the following vulnerability has been resolved:

 pmdomain: ti: Add a null pointer check to the omap_prm_domain_init

 devm_kasprintf() returns a pointer to dynamically allocated memory
 which can be NULL upon failure. Ensure the allocation was successful
 by checking the pointer validity.

 The Linux kernel CVE team has assigned CVE-2024-35943 to this issue.


 Affected and fixed versions
 ===========================

 	Fixed in 5.10.237 with commit e65f7eb117e1b44742212d65784236269085e736
 	Fixed in 5.15.181 with commit 984212fa6b4bc6d9ed58f5b0838e8d5af7679ce5
 	Fixed in 6.1.111 with commit bc08f5ab11b1881b85371f0bd9c9a3d27f65cca8
 	Fixed in 6.6.27 with commit ce666cecc09c0f92d5f86d89d8068ecfcf723a7e
 	Fixed in 6.8.6 with commit 04f23510daa40f9010fadf309507564a34ad956f
 	Fixed in 6.9 with commit 5d7f58ee08434a33340f75ac7ac5071eea9673b3

 Please see https://www.kernel.org for a full list of currently supported
 kernel versions by the kernel community.

 Unaffected versions might change over time as fixes are backported to
 older supported kernel versions.  The official CVE entry at
 	https://cve.org/CVERecord/?id=CVE-2024-35943
 will be updated if fixes are backported, please check that for the most
 up to date information about this issue.


 Affected files
 ==============

 The file(s) affected by this issue are:
 	drivers/pmdomain/ti/omap_prm.c


 Mitigation
 ==========

 The Linux kernel CVE team recommends that you update to the latest
 stable kernel version for this, and many other bugfixes.  Individual
 changes are never tested alone, but rather are part of a larger kernel
 release.  Cherry-picking individual commits is not recommended or
 supported by the Linux kernel community at all.  If however, updating to
 the latest release is impossible, the individual changes to resolve this
 issue can be found at these commits:
 	https://git.kernel.org/stable/c/e65f7eb117e1b44742212d65784236269085e736
 	https://git.kernel.org/stable/c/984212fa6b4bc6d9ed58f5b0838e8d5af7679ce5
 	https://git.kernel.org/stable/c/bc08f5ab11b1881b85371f0bd9c9a3d27f65cca8
 	https://git.kernel.org/stable/c/ce666cecc09c0f92d5f86d89d8068ecfcf723a7e
 	https://git.kernel.org/stable/c/04f23510daa40f9010fadf309507564a34ad956f
 	https://git.kernel.org/stable/c/5d7f58ee08434a33340f75ac7ac5071eea9673b3
	From bippy-1.1.0 Mon Sep 17 00:00:00 2001
	From: Greg Kroah-Hartman <gregkh@kernel.org>
	To: <linux-cve-announce@vger.kernel.org>
	Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org>
	Subject: CVE-2024-35943: pmdomain: ti: Add a null pointer check to the omap_prm_domain_init

	Description
	===========

	In the Linux kernel, the following vulnerability has been resolved:

	pmdomain: ti: Add a null pointer check to the omap_prm_domain_init

	devm_kasprintf() returns a pointer to dynamically allocated memory
	which can be NULL upon failure. Ensure the allocation was successful
	by checking the pointer validity.

	The Linux kernel CVE team has assigned CVE-2024-35943 to this issue.


	Affected and fixed versions
	===========================

	Fixed in 5.10.237 with commit e65f7eb117e1b44742212d65784236269085e736
	Fixed in 5.15.181 with commit 984212fa6b4bc6d9ed58f5b0838e8d5af7679ce5
	Fixed in 6.1.111 with commit bc08f5ab11b1881b85371f0bd9c9a3d27f65cca8
	Fixed in 6.6.27 with commit ce666cecc09c0f92d5f86d89d8068ecfcf723a7e
	Fixed in 6.8.6 with commit 04f23510daa40f9010fadf309507564a34ad956f
	Fixed in 6.9 with commit 5d7f58ee08434a33340f75ac7ac5071eea9673b3

	Please see https://www.kernel.org for a full list of currently supported
	kernel versions by the kernel community.

	Unaffected versions might change over time as fixes are backported to
	older supported kernel versions. The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2024-35943
	will be updated if fixes are backported, please check that for the most
	up to date information about this issue.


	Affected files
	==============

	The file(s) affected by this issue are:
	drivers/pmdomain/ti/omap_prm.c


	Mitigation
	==========

	The Linux kernel CVE team recommends that you update to the latest
	stable kernel version for this, and many other bugfixes. Individual
	changes are never tested alone, but rather are part of a larger kernel
	release. Cherry-picking individual commits is not recommended or
	supported by the Linux kernel community at all. If however, updating to
	the latest release is impossible, the individual changes to resolve this
	issue can be found at these commits:
	https://git.kernel.org/stable/c/e65f7eb117e1b44742212d65784236269085e736
	https://git.kernel.org/stable/c/984212fa6b4bc6d9ed58f5b0838e8d5af7679ce5
	https://git.kernel.org/stable/c/bc08f5ab11b1881b85371f0bd9c9a3d27f65cca8
	https://git.kernel.org/stable/c/ce666cecc09c0f92d5f86d89d8068ecfcf723a7e
	https://git.kernel.org/stable/c/04f23510daa40f9010fadf309507564a34ad956f
	https://git.kernel.org/stable/c/5d7f58ee08434a33340f75ac7ac5071eea9673b3