CVE-2024-27075
media: dvb-frontends: avoid stack overflow warnings with clang
Public Exploits: 0
Exploited in Wild: -
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
media: dvb-frontends: avoid stack overflow warnings with clang
A previous patch worked around a KASAN issue in stv0367, now a similar
problem showed up with clang:
drivers/media/dvb-frontends/stv0367.c:1222:12: error: stack frame size (3624) exceeds limit (2048) in 'stv0367ter_set_frontend' [-Werror,-Wframe-larger-than]
1214 | static int stv0367ter_set_frontend(struct dvb_frontend *fe)
Rework the stv0367_writereg() function to be simpler and mark both
register access functions as noinline_for_stack so the temporary
i2c_msg structures do not get duplicated on the stack when KASAN_STACK
is enabled.
SSVC
- Decision: Track
Timeline
- 2024-02-19 CVE Reserved
- 2024-05-01 CVE Published
- 2024-05-02 EPSS Updated
- 2024-12-19 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Linux | Linux Kernel | >= 4.16 < 4.19.311 | en | Affected |
Linux | Linux Kernel | >= 4.16 < 5.4.273 | en | Affected |
Linux | Linux Kernel | >= 4.16 < 5.10.214 | en | Affected |
Linux | Linux Kernel | >= 4.16 < 5.15.153 | en | Affected |
Linux | Linux Kernel | >= 4.16 < 6.1.83 | en | Affected |
Linux | Linux Kernel | >= 4.16 < 6.6.23 | en | Affected |
Linux | Linux Kernel | >= 4.16 < 6.7.11 | en | Affected |
Linux | Linux Kernel | >= 4.16 < 6.8.2 | en | Affected |
Linux | Linux Kernel | >= 4.16 < 6.9 | en | Affected |
Linux | Linux Kernel | 4.4.168 | en | Affected |
Linux | Linux Kernel | 4.9.82 | en | Affected |
Linux | Linux Kernel | 4.14.20 | en | Affected |
Linux | Linux Kernel | 4.15.4 | en | Affected |