Public bug reported: [Impact] There is a potential for memory corruption in MSI payloads. For reasons mentioned in the commit message, this happens to not be triggerable today, but is fragile, and could rear it's ugly head if a struct layout changes due to other backports in the future.
[Test Case] Regression-only. [Fix] 84a9a75774961 iommu/arm-smmu-v3: Avoid memory corruption from Hisilicon MSI payloads [Regression Risk] The fix is to add some explicit padding into an internal structure. This padding is already implicit today. ** Affects: linux (Ubuntu) Importance: Medium Status: Fix Released ** Affects: linux (Ubuntu Bionic) Importance: Undecided Assignee: dann frazier (dannf) Status: In Progress ** Affects: linux (Ubuntu Cosmic) Importance: Undecided Assignee: dann frazier (dannf) Status: In Progress ** Affects: linux (Ubuntu Disco) Importance: Medium Status: Fix Released ** Also affects: linux (Ubuntu Disco) Importance: Medium Assignee: dann frazier (dannf) Status: Fix Released ** Also affects: linux (Ubuntu Cosmic) Importance: Undecided Status: New ** Also affects: linux (Ubuntu Bionic) Importance: Undecided Status: New ** Changed in: linux (Ubuntu Cosmic) Status: New => In Progress ** Changed in: linux (Ubuntu Bionic) Status: New => In Progress ** Changed in: linux (Ubuntu Bionic) Assignee: (unassigned) => dann frazier (dannf) ** Changed in: linux (Ubuntu Cosmic) Assignee: (unassigned) => dann frazier (dannf) ** Changed in: linux (Ubuntu Disco) Assignee: dann frazier (dannf) => (unassigned) -- You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu. https://bugs.launchpad.net/bugs/1819546 Title: Avoid potential memory corruption on HiSilicon SoCs Status in linux package in Ubuntu: Fix Released Status in linux source package in Bionic: In Progress Status in linux source package in Cosmic: In Progress Status in linux source package in Disco: Fix Released Bug description: [Impact] There is a potential for memory corruption in MSI payloads. For reasons mentioned in the commit message, this happens to not be triggerable today, but is fragile, and could rear it's ugly head if a struct layout changes due to other backports in the future. [Test Case] Regression-only. [Fix] 84a9a75774961 iommu/arm-smmu-v3: Avoid memory corruption from Hisilicon MSI payloads [Regression Risk] The fix is to add some explicit padding into an internal structure. This padding is already implicit today. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1819546/+subscriptions -- Mailing list: https://launchpad.net/~kernel-packages Post to : kernel-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~kernel-packages More help : https://help.launchpad.net/ListHelp