Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
In the Linux kernel, the following vulnerability has been resolved:scsi: megaraid_sas: Fix invalid node indexOn a system with DRAM interleave enabled, out-of-bound access isdetected:megaraid_sas 0000:3f:00.0: requested/available msix 128/128 poll_queue 0------------[ cut here ]------------UBSAN: array-index-out-of-bounds in ./arch/x86/include/asm/topology.h:72:28index -1 is out of range for type 'cpumask *[1024]'dump_stack_lvl+0x5d/0x80ubsan_epilogue+0x5/0x2b__ubsan_handle_out_of_bounds.cold+0x46/0x4bmegasas_alloc_irq_vectors+0x149/0x190 [megaraid_sas]megasas_probe_one.cold+0xa4d/0x189c [megaraid_sas]local_pci_probe+0x42/0x90pci_device_probe+0xdc/0x290really_probe+0xdb/0x340__driver_probe_device+0x78/0x110driver_probe_device+0x1f/0xa0__driver_attach+0xba/0x1c0bus_for_each_dev+0x8b/0xe0bus_add_driver+0x142/0x220driver_register+0x72/0xd0megasas_init+0xdf/0xff0 [megaraid_sas]do_one_initcall+0x57/0x310do_init_module+0x90/0x250init_module_from_file+0x85/0xc0idempotent_init_module+0x114/0x310__x64_sys_finit_module+0x65/0xc0do_syscall_64+0x82/0x170entry_SYSCALL_64_after_hwframe+0x76/0x7eFix it accordingly.
No PoCs from references.
- https://github.com/w4zu/Debian_security