CVE-2024-35813

Commit 4d0c8d0aef63 ("mmc: core: Use mrq.sbc in close-ended ffu") assigns prev_idata = idatas[i - 1], but doesn't check that the iterator i is greater than zero. Let's fix this by adding a check.

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

f49f9e802785291149bdc9c824414de4604226b4

Fixed

b9a7339ae403035ffe7fc37cb034b36947910f68

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

59020bf0999ff7da8aedcd00ef8f0d75d93b6d20

Fixed

2b539c88940e22494da80a93ee1c5a28bbad10f6

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

50b8b7a22e90bab9f1949b64a88ff17ab10913ec

Fixed

81b8645feca08a54c7c4bf36e7b176f4983b2f28

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

c4edcd134bb72b3b0acc884612d624e48c9d057f

Fixed

ad9cc5e9e53ab94aa0c7ac65d43be7eb208dcb55

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

1653a8102868264f3488c298a9f20af2add9a288

Fixed

4466677dcabe2d70de6aa3d4bd4a4fafa94a71f2

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

eed9119f8f8e8fbf225c08abdbb58597fba807e0

Fixed

064db53f9023a2d5877a2d12de6bc27995f6ca56

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

4d0c8d0aef6355660b6775d57ccd5d4ea2e15802

Fixed

7d0e8a6147550aa058fa6ade8583ad252aa61304

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

4d0c8d0aef6355660b6775d57ccd5d4ea2e15802

Fixed

cf55a7acd1ed38afe43bba1c8a0935b51d1dc014

Affected versions

v5.*

v5.10.210

v5.10.211

v5.10.212

v5.10.213

v5.10.214

v5.15.149

v5.15.150

v5.15.151

v5.15.152

v5.15.153

v5.4.269

v5.4.270

v5.4.271

v5.4.272

v5.4.273

v6.*

v6.1.76

v6.1.77

v6.1.78

v6.1.79

v6.1.80

v6.1.81

v6.1.82

v6.1.83

v6.6.15

v6.6.16

v6.6.17

v6.6.18

v6.6.19

v6.6.20

v6.6.21

v6.6.22

v6.6.23

v6.7

v6.7-rc5

v6.7-rc6

v6.7-rc7

v6.7-rc8

v6.7.10

v6.7.11

v6.7.3

v6.7.4

v6.7.5

v6.7.6

v6.7.7

v6.7.8

v6.7.9

v6.8

v6.8-rc1

v6.8-rc2

v6.8-rc3

v6.8-rc4

v6.8-rc5

v6.8-rc6

v6.8-rc7

v6.8.1

v6.8.2

v6.9-rc1

Database specific

{
    "vanir_signatures": [
        {
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2b539c88940e22494da80a93ee1c5a28bbad10f6",
            "deprecated": false,
            "id": "CVE-2024-35813-12ccedbe",
            "digest": {
                "length": 3083.0,
                "function_hash": "98876402942879096097753712010602389043"
            },
            "signature_type": "Function",
            "signature_version": "v1",
            "target": {
                "function": "__mmc_blk_ioctl_cmd",
                "file": "drivers/mmc/core/block.c"
            }
        },
        {
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4466677dcabe2d70de6aa3d4bd4a4fafa94a71f2",
            "deprecated": false,
            "id": "CVE-2024-35813-14a449ef",
            "digest": {
                "length": 3428.0,
                "function_hash": "157469732363041596177039975149377150722"
            },
            "signature_type": "Function",
            "signature_version": "v1",
            "target": {
                "function": "__mmc_blk_ioctl_cmd",
                "file": "drivers/mmc/core/block.c"
            }
        },
        {
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2b539c88940e22494da80a93ee1c5a28bbad10f6",
            "deprecated": false,
            "id": "CVE-2024-35813-17d8daf4",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "183448088474797527543847432083501843549",
                    "236268105773757204222742557555310836650",
                    "84182171899464786251368303406966191595",
                    "228412499795575020830702573955549785203"
                ]
            },
            "signature_type": "Line",
            "signature_version": "v1",
            "target": {
                "file": "drivers/mmc/core/block.c"
            }
        },
        {
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7d0e8a6147550aa058fa6ade8583ad252aa61304",
            "deprecated": false,
            "id": "CVE-2024-35813-202d1fb5",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "183448088474797527543847432083501843549",
                    "236268105773757204222742557555310836650",
                    "84182171899464786251368303406966191595",
                    "228412499795575020830702573955549785203"
                ]
            },
            "signature_type": "Line",
            "signature_version": "v1",
            "target": {
                "file": "drivers/mmc/core/block.c"
            }
        },
        {
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@81b8645feca08a54c7c4bf36e7b176f4983b2f28",
            "deprecated": false,
            "id": "CVE-2024-35813-28e9bca8",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "183448088474797527543847432083501843549",
                    "236268105773757204222742557555310836650",
                    "84182171899464786251368303406966191595",
                    "228412499795575020830702573955549785203"
                ]
            },
            "signature_type": "Line",
            "signature_version": "v1",
            "target": {
                "file": "drivers/mmc/core/block.c"
            }
        },
        {
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b9a7339ae403035ffe7fc37cb034b36947910f68",
            "deprecated": false,
            "id": "CVE-2024-35813-3b484c62",
            "digest": {
                "length": 3185.0,
                "function_hash": "238963274356341136886764574897586930307"
            },
            "signature_type": "Function",
            "signature_version": "v1",
            "target": {
                "function": "__mmc_blk_ioctl_cmd",
                "file": "drivers/mmc/core/block.c"
            }
        },
        {
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ad9cc5e9e53ab94aa0c7ac65d43be7eb208dcb55",
            "deprecated": false,
            "id": "CVE-2024-35813-41d88388",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "183448088474797527543847432083501843549",
                    "236268105773757204222742557555310836650",
                    "84182171899464786251368303406966191595",
                    "228412499795575020830702573955549785203"
                ]
            },
            "signature_type": "Line",
            "signature_version": "v1",
            "target": {
                "file": "drivers/mmc/core/block.c"
            }
        },
        {
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@064db53f9023a2d5877a2d12de6bc27995f6ca56",
            "deprecated": false,
            "id": "CVE-2024-35813-4355f4d4",
            "digest": {
                "length": 3428.0,
                "function_hash": "157469732363041596177039975149377150722"
            },
            "signature_type": "Function",
            "signature_version": "v1",
            "target": {
                "function": "__mmc_blk_ioctl_cmd",
                "file": "drivers/mmc/core/block.c"
            }
        },
        {
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7d0e8a6147550aa058fa6ade8583ad252aa61304",
            "deprecated": false,
            "id": "CVE-2024-35813-57f36779",
            "digest": {
                "length": 3428.0,
                "function_hash": "157469732363041596177039975149377150722"
            },
            "signature_type": "Function",
            "signature_version": "v1",
            "target": {
                "function": "__mmc_blk_ioctl_cmd",
                "file": "drivers/mmc/core/block.c"
            }
        },
        {
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ad9cc5e9e53ab94aa0c7ac65d43be7eb208dcb55",
            "deprecated": false,
            "id": "CVE-2024-35813-5eb71aea",
            "digest": {
                "length": 3543.0,
                "function_hash": "174438170085036724803741927060867013236"
            },
            "signature_type": "Function",
            "signature_version": "v1",
            "target": {
                "function": "__mmc_blk_ioctl_cmd",
                "file": "drivers/mmc/core/block.c"
            }
        },
        {
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@064db53f9023a2d5877a2d12de6bc27995f6ca56",
            "deprecated": false,
            "id": "CVE-2024-35813-65ed3d64",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "183448088474797527543847432083501843549",
                    "236268105773757204222742557555310836650",
                    "84182171899464786251368303406966191595",
                    "228412499795575020830702573955549785203"
                ]
            },
            "signature_type": "Line",
            "signature_version": "v1",
            "target": {
                "file": "drivers/mmc/core/block.c"
            }
        },
        {
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cf55a7acd1ed38afe43bba1c8a0935b51d1dc014",
            "deprecated": false,
            "id": "CVE-2024-35813-a2299c68",
            "digest": {
                "length": 3428.0,
                "function_hash": "157469732363041596177039975149377150722"
            },
            "signature_type": "Function",
            "signature_version": "v1",
            "target": {
                "function": "__mmc_blk_ioctl_cmd",
                "file": "drivers/mmc/core/block.c"
            }
        },
        {
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b9a7339ae403035ffe7fc37cb034b36947910f68",
            "deprecated": false,
            "id": "CVE-2024-35813-c009bb19",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "183448088474797527543847432083501843549",
                    "236268105773757204222742557555310836650",
                    "84182171899464786251368303406966191595",
                    "228412499795575020830702573955549785203"
                ]
            },
            "signature_type": "Line",
            "signature_version": "v1",
            "target": {
                "file": "drivers/mmc/core/block.c"
            }
        },
        {
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@4466677dcabe2d70de6aa3d4bd4a4fafa94a71f2",
            "deprecated": false,
            "id": "CVE-2024-35813-e7039813",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "183448088474797527543847432083501843549",
                    "236268105773757204222742557555310836650",
                    "84182171899464786251368303406966191595",
                    "228412499795575020830702573955549785203"
                ]
            },
            "signature_type": "Line",
            "signature_version": "v1",
            "target": {
                "file": "drivers/mmc/core/block.c"
            }
        },
        {
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cf55a7acd1ed38afe43bba1c8a0935b51d1dc014",
            "deprecated": false,
            "id": "CVE-2024-35813-f7e1b6b0",
            "digest": {
                "threshold": 0.9,
                "line_hashes": [
                    "183448088474797527543847432083501843549",
                    "236268105773757204222742557555310836650",
                    "84182171899464786251368303406966191595",
                    "228412499795575020830702573955549785203"
                ]
            },
            "signature_type": "Line",
            "signature_version": "v1",
            "target": {
                "file": "drivers/mmc/core/block.c"
            }
        },
        {
            "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@81b8645feca08a54c7c4bf36e7b176f4983b2f28",
            "deprecated": false,
            "id": "CVE-2024-35813-fc0436aa",
            "digest": {
                "length": 3167.0,
                "function_hash": "17658249313640706076841693465344997275"
            },
            "signature_type": "Function",
            "signature_version": "v1",
            "target": {
                "function": "__mmc_blk_ioctl_cmd",
                "file": "drivers/mmc/core/block.c"
            }
        }
    ]
}

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.4.274

Type: ECOSYSTEM
Events: Introduced

5.5.0

Fixed

5.10.215

Type: ECOSYSTEM
Events: Introduced

5.11.0

Fixed

5.15.154

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.1.84

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.24

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.7.12

Type: ECOSYSTEM
Events: Introduced

6.8.0

Fixed

6.8.3