CVE-2024-53233
unicode: Fix utf8_load() error path
In the Linux kernel, the following vulnerability has been resolved:
unicode: Fix utf8_load() error path
utf8_load() requests the symbol "utf8_data_table" and then checks if the
requested UTF-8 version is supported. If it's unsupported, it tries to
put the data table using symbol_put(). If an unsupported version is
requested, symbol_put() fails like this:
kernel BUG at kernel/module/main.c:786!
RIP: 0010:__symbol_put+0x93/0xb0
Call Trace:
<TASK>
? __die_body.cold+0x19/0x27
? die+0x2e/0x50
? do_trap+0xca/0x110
? do_error_trap+0x65/0x80
? __symbol_put+0x93/0xb0
? exc_invalid_op+0x51/0x70
? __symbol_put+0x93/0xb0
? asm_exc_invalid_op+0x1a/0x20
? __pfx_cmp_name+0x10/0x10
? __symbol_put+0x93/0xb0
? __symbol_put+0x62/0xb0
utf8_load+0xf8/0x150
That happens because symbol_put() expects the unique string that
identify the symbol, instead of a pointer to the loaded symbol. Fix that
by using such string.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Productos afectados
Linux · Linux¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
https://git.kernel.org/stable/c/156bb2c569cd869583c593d27a5bd69e7b2a4264https://git.kernel.org/stable/c/4387cef540f36c2c9297460758cc2438305a24a0https://git.kernel.org/stable/c/6504dd27123966dc455494cb55217c04ca479121https://git.kernel.org/stable/c/89933f8ab3b4cad5ac14ea56a39947d1ffe7d0e3https://git.kernel.org/stable/c/c4b6c1781f6cc4e2283120ac8d873864b8056f21https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html