Description
In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add buffer overflow check in MS get_info_ioctl Add validation that the info size returned from the metric stream info query is not exceeded when checked against the allocated buffer size. If the firmware returns a size larger than the buffer, reject the operation with -EOVERFLOW instead of proceeding with an incorrect buffer copy.
CVSS breakdown
CVSS 3.1
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
High
Affected products
- Linux / Linuxcdfad4db7756563db7d458216d9e3c2651dddc7d – d3c12ed33e8923f3090909a1738f3e59292996a6
- Linux / Linuxcdfad4db7756563db7d458216d9e3c2651dddc7d – fa598556ecef412edcb391f144b7642e18fdfd45
- Linux / Linuxcdfad4db7756563db7d458216d9e3c2651dddc7d – 4e5047cc94bea1cc7b670b7f503358e9af0542df
- Linux / Linuxcdfad4db7756563db7d458216d9e3c2651dddc7d – fb176425837693f50c5c9fc8db6fbb04af22bd0a
- Linux / Linux6.11 – 6.11
- Linux / Linux0 – 6.11
- Linux / Linux6.12.94 – 6.12.*
- Linux / Linux6.18.36 – 6.18.*
- Linux / Linux7.0.13 – 7.0.*
- Linux / Linux7.1 – *
References
- MISChttps://git.kernel.org/stable/c/d3c12ed33e8923f3090909a1738f3e59292996a6
- MISChttps://git.kernel.org/stable/c/fa598556ecef412edcb391f144b7642e18fdfd45
- MISChttps://git.kernel.org/stable/c/4e5047cc94bea1cc7b670b7f503358e9af0542df
- MISChttps://git.kernel.org/stable/c/fb176425837693f50c5c9fc8db6fbb04af22bd0a