ubi: Check for too small LEB size in VTBL code (!4210) · Merge requests · Red Hat / centos-stream / src / kernel / centos-stream-9

Steve Best requested to merge sfbest/centos-stream-9:25094 into main May 10, 2024

JIRA: https://issues.redhat.com/browse/RHEL-25094
CVE: CVE-2024-25739

Build Info: https://brewweb.engineering.redhat.com/brew/taskinfo?taskID=61143588
Tested: Successful sanity booted on Intel system.

commit 68a24aba7c593eafa8fd00f2f76407b9b32b47a9
Author: Richard Weinberger richard@nod.at
Date: Wed Jan 24 07:37:02 2024 +0100

ubi: Check for too small LEB size in VTBL code  

If the LEB size is smaller than a volume table record we cannot  
have volumes.  
In this case abort attaching.  

Cc: Chenyuan Yang <cy54@illinois.edu>  
Cc: stable@vger.kernel.org  
Fixes: 801c135ce73d ("UBI: Unsorted Block Images")  
Reported-by: Chenyuan Yang <cy54@illinois.edu>  
Closes: https://lore.kernel.org/linux-mtd/1433EB7A-FC89-47D6-8F47-23BE41B263B3@illinois.edu/  
Signed-off-by: Richard Weinberger <richard@nod.at>  
Reviewed-by: Zhihao Cheng <chengzhihao1@huawei.com>

Signed-off-by: Steve Best sbest@redhat.com

ubi: Check for too small LEB size in VTBL code

Merge request reports