CVE-2023-54295

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> mtd: spi-nor: Fix shift-out-of-bounds in spi_nor_set_erase_type<br /> <br /> spi_nor_set_erase_type() was used either to set or to mask out an erase<br /> type. When we used it to mask out an erase type a shift-out-of-bounds<br /> was hit:<br /> UBSAN: shift-out-of-bounds in drivers/mtd/spi-nor/core.c:2237:24<br /> shift exponent 4294967295 is too large for 32-bit type &amp;#39;int&amp;#39;<br /> <br /> The setting of the size_{shift, mask} and of the opcode are unnecessary<br /> when the erase size is zero, as throughout the code just the erase size<br /> is considered to determine whether an erase type is supported or not.<br /> Setting the opcode to 0xFF was wrong too as nobody guarantees that 0xFF<br /> is an unused opcode. Thus when masking out an erase type, just set the<br /> erase size to zero. This will fix the shift-out-of-bounds.<br /> <br /> [ta: refine changes, new commit message, fix compilation error]