Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
In the Linux kernel, the following vulnerability has been resolved:iommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index()Resolve a UBSAN shift-out-of-bounds issue in iova_bitmap_offset_to_index()where shifting the constant "1" (of type int) by bitmap->mapped.pgshift(an unsigned long value) could result in undefined behavior.The constant "1" defaults to a 32-bit "int", and when "pgshift" exceeds31 (e.g., pgshift = 63) the shift operation overflows, as the resultcannot be represented in a 32-bit type.To resolve this, the constant is updated to "1UL", promoting it to anunsigned long type to match the operand's type.
No PoCs from references.
- https://github.com/w4zu/Debian_security