Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
In the Linux kernel, the following vulnerability has been resolved:OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initializedIf a driver calls dev_pm_opp_find_bw_ceil/floor() the retrieve bandwidthfrom the OPP table but the bandwidth table was not created because theinterconnect properties were missing in the OPP consumer node, thekernel will crash with:Unable to handle kernel NULL pointer dereference at virtual address 0000000000000004...pc : _read_bw+0x8/0x10lr : _opp_table_find_key+0x9c/0x174...Call trace: _read_bw+0x8/0x10 (P) _opp_table_find_key+0x9c/0x174 (L) _find_key+0x98/0x168 dev_pm_opp_find_bw_ceil+0x50/0x88...In order to fix the crash, create an assert function to checkif the bandwidth table was created before trying to get abandwidth with _read_bw().
No PoCs from references.
- https://github.com/w4zu/Debian_security