Bug 1212608 (CVE-2023-3359)

Summary: VUL-0: CVE-2023-3359: kernel-source,kernel-source-azure,kernel-source-rt: NULL Pointer Dereference in drivers/nvmem/brcm_nvram.c
Product: [Novell Products] SUSE Security Incidents Reporter: Cathy Hu <cathy.hu>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED INVALID QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: jlee, security-team
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/370118/
Whiteboard:
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Cathy Hu 2023-06-22 07:39:02 UTC 
CVE-2023-3359

An issue was discovered in the Linux kernel through 6.1-rc8.
brcm_nvram_parse in drivers/nvmem/brcm_nvram.c
lacks check of the return value of kzalloc() and will
cause the NULL Pointer Dereference.

Reference:
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b0576ade3aaf24b376ea1a4406ae138e2a22b0c0

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2023-3359
https://bugzilla.redhat.com/show_bug.cgi?id=2168251
Comment 1 Cathy Hu 2023-06-22 07:39:18 UTC 
Fixing commit: https://github.com/torvalds/linux/commit/b0576ade3aaf24b376ea1a4406ae138e2a22b0c0    
    
Commit introducing the issue: https://github.com/torvalds/linux/commit/6e977eaa8280e957b87904b536661550f2a6b3e8    

Not affected (already contains fix):
- ALP-current
- stable
                                                       
Not affected (does not contain introducing commit):
- SLE12-SP5
- cve/linux-4.12
- cve/linux-5.3
- cve/linux-3.0    
- cve/linux-4.4    
- SLE15-SP4-AZURE
- SLE15-SP4-RT
- SLE15-SP4
- SLE15-SP5
- SLE15-SP5-AZURE
- SLE15-SP5-RT
Comment 2 Joey Lee 2023-06-23 01:54:05 UTC 
(In reply to Hu from comment #1)
> Fixing commit:
> https://github.com/torvalds/linux/commit/
> b0576ade3aaf24b376ea1a4406ae138e2a22b0c0    
>     
> Commit introducing the issue:
> https://github.com/torvalds/linux/commit/
> 6e977eaa8280e957b87904b536661550f2a6b3e8    
> 
> Not affected (already contains fix):
> - ALP-current
> - stable
>                                                        
> Not affected (does not contain introducing commit):
> - SLE12-SP5
> - cve/linux-4.12
> - cve/linux-5.3
> - cve/linux-3.0    
> - cve/linux-4.4    
> - SLE15-SP4-AZURE
> - SLE15-SP4-RT
> - SLE15-SP4
> - SLE15-SP5
> - SLE15-SP5-AZURE
> - SLE15-SP5-RT

Looks that we don't need do anything. reset assigner.
Comment 3 Cathy Hu 2023-06-23 07:31:23 UTC 
closing