Overview
About vulnerability
In the Linux kernel, the following vulnerability has been resolved:
gpio: davinci: Validate the obtained number of IRQs
Value of pdata->gpio_unbanked is taken from Device Tree. In case of broken DT due to any error this value can be any. Without this value validation there can be out of chips->irqs array boundaries access in davinci_gpio_probe().
Validate the obtained nirq value so that it won’t exceed the maximum number of IRQs per bank.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Details
- Affected product:
- AlmaLinux 9.2 ESU , Oracle Linux 7 ELS , Ubuntu 16.04 ELS , Ubuntu 18.04 ELS
- Affected packages:
- kernel @ 5.14.0 (+3 more)
In the Linux kernel, the following vulnerability has been resolved:
gpio: davinci: Validate the obtained number of IRQs
Value of pdata->gpio_unbanked is taken from Device Tree. In case of broken DT due to any error this value can be any. Without this value validation there can be out of chips->irqs array boundaries access in davinci_gpio_probe().
Validate the obtained nirq value so that it won’t exceed the maximum number of IRQs per bank.
Found by Linux Verification Center (linuxtesting.org) with SVACE.