Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
In the Linux kernel, the following vulnerability has been resolved:memory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_code()As of_find_node_by_name() release the reference of the argument devicenode, tegra_emc_find_node_by_ram_code() releases some device nodes whilestill in use, resulting in possible UAFs. According to the bindings andthe in-tree DTS files, the "emc-tables" node is always device's childnode with the property "nvidia,use-ram-code", and the "lpddr2" node is achild of the "emc-tables" node. Thus utilize thefor_each_child_of_node() macro and of_get_child_by_name() instead ofof_find_node_by_name() to simplify the code.This bug was found by an experimental verification tool that I amdeveloping.[krzysztof: applied v1, adjust the commit msg to incorporate v2 parts]
No PoCs from references.
- https://github.com/w4zu/Debian_security