Bugzilla – Bug 1203040
VUL-0: CVE-2022-3077: kernel-source-rt,kernel-source,kernel-source-azure: i2c: buffer overflow in ismt_access()
Last modified: 2023-03-09 16:35:03 UTC
rh#2123309 A memory corruption flaw was found in the Linux kernel's I2C driver. The userspace-controllable "data->block[0]" variable was not capped to a number between 0-255 and used as the size of a memcpy, thus possibly writing beyond the end of dma_buffer[] and resulting in a buffer overflow condition. Upstream commit: https://github.com/torvalds/linux/commit/690b2549b19563ec5ad53e5c82f6a944d910086e Fixes: https://github.com/torvalds/linux/commit/5e9a97b1f4491b8b65874901ad084348fcaba327 References: https://bugzilla.redhat.com/show_bug.cgi?id=2123309 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-3077
Both fix and commit introducing the bug are on stable and SLE15-SP4 branches. Closing
Actually it's a dup of CVE-2022-2873 bsc#1202558.
Looks though that they are not duplicates: See comments from Red Hat in https://bugzilla.redhat.com/show_bug.cgi?id=2123309#c7
OK, then let's wait for the actual fix in the upstream.
Oops, I was confused. Actually this one was already fixed, while CVE-2022-2873 isn't yet. Closed again.
This is an autogenerated message for OBS integration: This bug (1203040) was mentioned in https://build.opensuse.org/request/show/1070459 Factory / chromium