References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

Change History

In the Linux kernel, the following vulnerability has been resolved:

pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result

If the FW doesn't support the PDS_CORE_CMD_FW_CONTROL command
the driver might at the least print garbage and at the worst
crash when the user runs the "devlink dev info" devlink command.

This happens because the stack variable fw_list is not 0
initialized which results in fw_list.num_fw_slots being a
garbage value from the stack.  Then the driver tries to access
fw_

https://git.kernel.org/stable/c/12a4651a80dbe4589a84e26785fbbe1ed4d043b7

https://git.kernel.org/stable/c/2567daad69cd1107fc0ec29b1615f110d7cf7385

https://git.kernel.org/stable/c/6702f5c6b22deaa95bf84f526148174a160a02cb

https://git.kernel.org/stable/c/cdd784c96fe2e5edbf0ed9b3e96fe776e8092385