CVE-2024-46859

Severity CVSS v4.0: Pending analysis
Type: Unavailable / Other
Publication date: 27/09/2024
Last modified: 03/11/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses

The panasonic laptop code in various places uses the SINF array with index values of 0 - SINF_CUR_BRIGHT(0x0d) without checking that the SINF array is big enough.

Not all panasonic laptops have this many SINF array entries, for example the Toughbook CF-18 model only has 10 SINF array entries. So it only supports the AC+DC brightness entries and mute.

Check that the SINF array has a minimum size which covers all AC+DC brightness entries and refuse to load if the SINF array is smaller.

For higher SINF indexes hide the sysfs attributes when the SINF array does not contain an entry for that attribute, avoiding show()/store() accessing the array out of bounds and add bounds checking to the probe() and resume() code accessing these.
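The three checks the description names (minimum size at load, attribute visibility, bounds-checked access) can be modelled in user space as below. This is an added example, not the kernel driver's code: only SINF_CUR_BRIGHT (0x0d) and the 10-entry CF-18 table size come from the advisory; the other index names and values, the struct, the function names and the sample data are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* SINF_CUR_BRIGHT (0x0d) is from the advisory; the other two index names
 * and values are assumptions made for this model. */
enum sinf_idx {
    SINF_DC_CUR_BRIGHT = 0x07,  /* last AC+DC brightness entry (assumed) */
    SINF_MUTE          = 0x08,  /* assumed */
    SINF_CUR_BRIGHT    = 0x0d,
};

struct sinf_table {
    const uint32_t *sinf;  /* entries reported by firmware */
    size_t count;          /* number of valid entries */
};

/* Load-time check: refuse unless every AC+DC brightness entry exists. */
int sinf_probe_ok(const struct sinf_table *t)
{
    return t->count > (size_t)SINF_DC_CUR_BRIGHT;
}

/* Visibility check: expose an attribute only if its entry exists. */
int sinf_attr_visible(const struct sinf_table *t, size_t idx)
{
    return idx < t->count;
}

/* Bounds-checked read: 0 on success, -1 if idx is outside the table. */
int sinf_read(const struct sinf_table *t, size_t idx, uint32_t *out)
{
    if (idx >= t->count)
        return -1;
    *out = t->sinf[idx];
    return 0;
}

/* Constructed sample: 10 entries, the size the advisory gives for the CF-18. */
static const uint32_t cf18_sinf[10] = { 1, 0, 20, 0, 12, 20, 0, 8, 0, 0 };
const struct sinf_table cf18 = { cf18_sinf, 10 };

int main(void)
{
    uint32_t v = 0;
    printf("load=%d mute=%d cur_bright=%d read=%d\n", sinf_probe_ok(&cf18),
           sinf_attr_visible(&cf18, SINF_MUTE),
           sinf_attr_visible(&cf18, SINF_CUR_BRIGHT),
           sinf_read(&cf18, SINF_CUR_BRIGHT, &v));
    return 0;
}
```

With the 10-entry table the load check passes and mute stays exposed, while the entry at SINF_CUR_BRIGHT is hidden and a read of it fails instead of touching memory past the array.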

Vulnerable products and versions

CPE                                                 From               Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*        3.3 (including)    6.1.111 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*        6.2 (including)    6.6.52 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*        6.7 (including)    6.10.11 (excluding)
cpe:2.3:o:linux:linux_kernel:6.11:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc4:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc5:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc6:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:6.11:rc7:*:*:*:*:*:*