IT security experts: cybersecurity audits and consulting
French cybersecurity company since 2004


CVE-2025-37987

Description

In the Linux kernel, the following vulnerability has been resolved:

pds_core: Prevent possible adminq overflow/stuck condition

The pds_core's adminq is protected by the adminq_lock, which prevents more than 1 command to be posted onto it at any one time. This makes it so the client drivers cannot simultaneously post adminq commands. However, the completions happen in a different context, which means multiple adminq commands can be posted sequentially and all waiting on completion.

On the FW side, the backing adminq request queue is only 16 entries long and the retry mechanism and/or overflow/stuck prevention is lacking. This can cause the adminq to get stuck, so commands are no longer processed and completions are no longer sent by the FW.

As an initial fix, prevent more than 16 outstanding adminq commands so there's no way to cause the adminq from getting stuck. This works because the backing adminq request queue will never have more than 16 pending adminq commands, so it will never overflow. This is done by reducing the adminq depth to 16.

POC

Reference

No PoCs from references.

Github

- https://github.com/fkie-cad/nvd-json-data-feeds