CVE-2024-42093
net/dpaa2: Avoid explicit cpumask var allocation on stack
In the Linux kernel, the following vulnerability has been resolved:
net/dpaa2: Avoid explicit cpumask var allocation on stack
For CONFIG_CPUMASK_OFFSTACK=y kernel, explicit allocation of cpumask
variable on stack is not recommended since it can cause potential stack
overflow.
Instead, kernel code should always use *cpumask_var API(s) to allocate
cpumask var in config-neutral way, leaving allocation strategy to
CONFIG_CPUMASK_OFFSTACK.
Use *cpumask_var API(s) to address it.
Affected products
Linux · LinuxWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://cert-portal.siemens.com/productcert/html/ssa-265688.htmlhttps://cert-portal.siemens.com/productcert/html/ssa-355557.htmlhttps://cert-portal.siemens.com/productcert/html/ssa-613116.htmlhttps://git.kernel.org/stable/c/48147337d7efdea6ad6e49f5b8eb894b95868ef0https://git.kernel.org/stable/c/5e4f25091e6d06e99a23f724c839a58a8776a527https://git.kernel.org/stable/c/69f49527aea12c23b78fb3d0a421950bf44fb4e2https://git.kernel.org/stable/c/763896ab62a672d728f5eb10ac90d98c607a8509https://git.kernel.org/stable/c/a55afc0f5f20ba30970aaf7271929dc00eee5e7dhttps://git.kernel.org/stable/c/b2262b3be27cee334a2fa175ae3afb53f38fb0b1https://git.kernel.org/stable/c/d33fe1714a44ff540629b149d8fab4ac6967585chttps://lists.debian.org/debian-lts-announce/2025/01/msg00001.html