In the Linux kernel, the following vulnerability has been resolved:
gpio: davinci: Validate the obtained number of IRQs
Value of pdata->gpiounbanked is taken from Device Tree. In case of broken DT due to any error this value can be any. Without this value validation there can be out of chips->irqs array boundaries access in davincigpio_probe().
Validate the obtained nirq value so that it won't exceed the maximum number of IRQs per bank.
Found by Linux Verification Center (linuxtesting.org) with SVACE.
[
{
"signature_version": "v1",
"id": "CVE-2024-42092-09b30e39",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cd75721984337c38a12aeca33ba301d31ca4b3fd",
"digest": {
"threshold": 0.9,
"line_hashes": [
"103788595151744677067923260550909584568",
"225053103377196541166337394697505109571",
"88584385985718244935601394740472810646"
]
},
"deprecated": false,
"target": {
"file": "drivers/gpio/gpio-davinci.c"
},
"signature_type": "Line"
},
{
"signature_version": "v1",
"id": "CVE-2024-42092-0c31f2ed",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@89d7008af4945808677662a630643b5ea89c6e8d",
"digest": {
"length": 1759.0,
"function_hash": "144852056112752237406342115384428884742"
},
"deprecated": false,
"target": {
"function": "davinci_gpio_probe",
"file": "drivers/gpio/gpio-davinci.c"
},
"signature_type": "Function"
},
{
"signature_version": "v1",
"id": "CVE-2024-42092-1390eec4",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2d83492259ad746b655f196cd5d1be4b3d0a3782",
"digest": {
"threshold": 0.9,
"line_hashes": [
"103788595151744677067923260550909584568",
"225053103377196541166337394697505109571",
"88584385985718244935601394740472810646"
]
},
"deprecated": false,
"target": {
"file": "drivers/gpio/gpio-davinci.c"
},
"signature_type": "Line"
},
{
"signature_version": "v1",
"id": "CVE-2024-42092-144d0d41",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a8d78984fdc105bc1a38b73e98d32b1bc4222684",
"digest": {
"length": 2229.0,
"function_hash": "313664823631949787017925672281213477449"
},
"deprecated": false,
"target": {
"function": "davinci_gpio_probe",
"file": "drivers/gpio/gpio-davinci.c"
},
"signature_type": "Function"
},
{
"signature_version": "v1",
"id": "CVE-2024-42092-33696277",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c542e51306d5f1eba3af84daa005826223382470",
"digest": {
"length": 1618.0,
"function_hash": "318692169122858988712400433448280686077"
},
"deprecated": false,
"target": {
"function": "davinci_gpio_probe",
"file": "drivers/gpio/gpio-davinci.c"
},
"signature_type": "Function"
},
{
"signature_version": "v1",
"id": "CVE-2024-42092-8909d30a",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7aa9b96e9a73e4ec1771492d0527bd5fc5ef9164",
"digest": {
"threshold": 0.9,
"line_hashes": [
"103788595151744677067923260550909584568",
"225053103377196541166337394697505109571",
"88584385985718244935601394740472810646"
]
},
"deprecated": false,
"target": {
"file": "drivers/gpio/gpio-davinci.c"
},
"signature_type": "Line"
},
{
"signature_version": "v1",
"id": "CVE-2024-42092-9101c257",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@89d7008af4945808677662a630643b5ea89c6e8d",
"digest": {
"threshold": 0.9,
"line_hashes": [
"103788595151744677067923260550909584568",
"225053103377196541166337394697505109571",
"88584385985718244935601394740472810646"
]
},
"deprecated": false,
"target": {
"file": "drivers/gpio/gpio-davinci.c"
},
"signature_type": "Line"
},
{
"signature_version": "v1",
"id": "CVE-2024-42092-91515741",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@2d83492259ad746b655f196cd5d1be4b3d0a3782",
"digest": {
"length": 1618.0,
"function_hash": "318692169122858988712400433448280686077"
},
"deprecated": false,
"target": {
"function": "davinci_gpio_probe",
"file": "drivers/gpio/gpio-davinci.c"
},
"signature_type": "Function"
},
{
"signature_version": "v1",
"id": "CVE-2024-42092-b113526d",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e44a83bf15c4db053ac6dfe96a23af184c9136d9",
"digest": {
"threshold": 0.9,
"line_hashes": [
"103788595151744677067923260550909584568",
"225053103377196541166337394697505109571",
"88584385985718244935601394740472810646"
]
},
"deprecated": false,
"target": {
"file": "drivers/gpio/gpio-davinci.c"
},
"signature_type": "Line"
},
{
"signature_version": "v1",
"id": "CVE-2024-42092-b44d17cf",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7aa9b96e9a73e4ec1771492d0527bd5fc5ef9164",
"digest": {
"length": 1618.0,
"function_hash": "318692169122858988712400433448280686077"
},
"deprecated": false,
"target": {
"function": "davinci_gpio_probe",
"file": "drivers/gpio/gpio-davinci.c"
},
"signature_type": "Function"
},
{
"signature_version": "v1",
"id": "CVE-2024-42092-cafa5dab",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@c542e51306d5f1eba3af84daa005826223382470",
"digest": {
"threshold": 0.9,
"line_hashes": [
"103788595151744677067923260550909584568",
"225053103377196541166337394697505109571",
"88584385985718244935601394740472810646"
]
},
"deprecated": false,
"target": {
"file": "drivers/gpio/gpio-davinci.c"
},
"signature_type": "Line"
},
{
"signature_version": "v1",
"id": "CVE-2024-42092-cbde0ee0",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e44a83bf15c4db053ac6dfe96a23af184c9136d9",
"digest": {
"length": 1800.0,
"function_hash": "328862605161598515146826671670906846228"
},
"deprecated": false,
"target": {
"function": "davinci_gpio_probe",
"file": "drivers/gpio/gpio-davinci.c"
},
"signature_type": "Function"
},
{
"signature_version": "v1",
"id": "CVE-2024-42092-cc843b20",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@a8d78984fdc105bc1a38b73e98d32b1bc4222684",
"digest": {
"threshold": 0.9,
"line_hashes": [
"152220158780044317361358881408282054338",
"308382695026409882567888226970503810504",
"288662616363886671988228502181286653508"
]
},
"deprecated": false,
"target": {
"file": "drivers/gpio/gpio-davinci.c"
},
"signature_type": "Line"
},
{
"signature_version": "v1",
"id": "CVE-2024-42092-cddc0ab5",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@70b48899f3f23f98a52c5b1060aefbdc7ba7957b",
"digest": {
"threshold": 0.9,
"line_hashes": [
"103788595151744677067923260550909584568",
"225053103377196541166337394697505109571",
"88584385985718244935601394740472810646"
]
},
"deprecated": false,
"target": {
"file": "drivers/gpio/gpio-davinci.c"
},
"signature_type": "Line"
},
{
"signature_version": "v1",
"id": "CVE-2024-42092-dfc72c76",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cd75721984337c38a12aeca33ba301d31ca4b3fd",
"digest": {
"length": 1936.0,
"function_hash": "268255517659227422130270320020417635789"
},
"deprecated": false,
"target": {
"function": "davinci_gpio_probe",
"file": "drivers/gpio/gpio-davinci.c"
},
"signature_type": "Function"
},
{
"signature_version": "v1",
"id": "CVE-2024-42092-fa6047b4",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@70b48899f3f23f98a52c5b1060aefbdc7ba7957b",
"digest": {
"length": 1800.0,
"function_hash": "328862605161598515146826671670906846228"
},
"deprecated": false,
"target": {
"function": "davinci_gpio_probe",
"file": "drivers/gpio/gpio-davinci.c"
},
"signature_type": "Function"
}
]