CVE-2024-50113

NameCVE-2024-50113
DescriptionIn the Linux kernel, the following vulnerability has been resolved: firewire: core: fix invalid port index for parent device In a commit 24b7f8e5cd65 ("firewire: core: use helper functions for self ID sequence"), the enumeration over self ID sequence was refactored with some helper functions with KUnit tests. These helper functions are guaranteed to work expectedly by the KUnit tests, however their application includes a mistake to assign invalid value to the index of port connected to parent device. This bug affects the case that any extra node devices which has three or more ports are connected to 1394 OHCI controller. In the case, the path to update the tree cache could hits WARN_ON(), and gets general protection fault due to the access to invalid address computed by the invalid value. This commit fixes the bug to assign correct port index.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
linux (PTS)jessie, jessie (lts)3.16.84-1vulnerable
stretch (security)4.9.320-2vulnerable
stretch (lts), stretch4.9.320-3vulnerable
buster (security), buster, buster (lts)4.19.316-1vulnerable
bullseye5.10.223-1fixed
bullseye (security)5.10.226-1fixed
bookworm6.1.115-1fixed
bookworm (security)6.1.119-1fixed
trixie6.12.5-1fixed
sid6.12.6-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
linuxsourcejessie(unfixed)end-of-life
linuxsourcestretch(unfixed)end-of-life
linuxsourcebuster(unfixed)end-of-life
linuxsourcebullseye(not affected)
linuxsourcebookworm(not affected)
linuxsource(unstable)6.11.6-1

Notes

[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
https://git.kernel.org/linus/f6a6780e0b9bbcf311a727afed06fee533a5e957 (6.12-rc5)

Search for package or bug name: Reporting problems