CVE-2024-38568
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
19/06/2024
Last modified:
19/09/2024
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group<br />
<br />
The perf tool allows users to create event groups through following<br />
cmd [1], but the driver does not check whether the array index is out<br />
of bounds when writing data to the event_group array. If the number of<br />
events in an event_group is greater than HNS3_PMU_MAX_HW_EVENTS, the<br />
memory write overflow of event_group array occurs.<br />
<br />
Add array index check to fix the possible array out of bounds violation,<br />
and return directly when write new events are written to array bounds.<br />
<br />
There are 9 different events in an event_group.<br />
[1] perf stat -e &#39;{pmu/event1/, ... ,pmu/event9/}
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.0 (including) | 6.1.93 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.2 (including) | 6.6.33 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.7 (including) | 6.8.12 (excluding) |
| cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* | 6.9 (including) | 6.9.3 (excluding) |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/3669baf308308385a2ab391324abdde5682af5aa
- https://git.kernel.org/stable/c/81bdd60a3d1d3b05e6cc6674845afb1694dd3a0e
- https://git.kernel.org/stable/c/aa2d3d678895c8eedd003f1473f87d3f06fe6ec7
- https://git.kernel.org/stable/c/b5120d322763c15c978bc47beb3b6dff45624304
- https://git.kernel.org/stable/c/be1fa711e59c874d049f592aef1d4685bdd22bdf