From: Xiangyu Chen <[email protected]> Hi Bruce,
Recently, the CVE-2024-38541's source up to 9.8-critical[1], upstream already fixed it, but the of_modalias in device.c has already moved out to module.c, to backport all related patches might have some risk, so adapted the fix of of_modalias() in device.c. Ref: [1] https://nvd.nist.gov/vuln/detail/CVE-2024-38541 Xiangyu Chen (1): of: module: add buffer overflow check in of_modalias() drivers/of/device.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) -- 2.34.1
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#14115): https://lists.yoctoproject.org/g/linux-yocto/message/14115 Mute This Topic: https://lists.yoctoproject.org/mt/107031476/21656 Group Owner: [email protected] Unsubscribe: https://lists.yoctoproject.org/g/linux-yocto/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
