Описание
In the Linux kernel, the following vulnerability has been resolved: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array The loop that detects/populates cache information already has a bounds check on the array size but does not account for cache levels with separate data/instructions cache. Fix this by incrementing the index for any populated leaf (instead of any populated level).
Отчет
The bug actual only for ARM64 hardware (if ARMv8 or similar ARM CPU being used). There is no known way to trigger the bug, because user cannot control internal values for particular CPUs. As result would not be possible to trigger overflow by user even before this additional check added. For CVSS score the attack complexity is high as result.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 10 | kernel | Affected | ||
| Red Hat Enterprise Linux 6 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel | Not affected | ||
| Red Hat Enterprise Linux 7 | kernel-rt | Not affected | ||
| Red Hat Enterprise Linux 9 | kernel-rt | Will not fix | ||
| Red Hat Enterprise Linux 8 | kernel-rt | Fixed | RHSA-2025:3264 | 26.03.2025 |
| Red Hat Enterprise Linux 8 | kernel | Fixed | RHSA-2025:3260 | 26.03.2025 |
| Red Hat Enterprise Linux 8.2 Advanced Update Support | kernel | Fixed | RHSA-2025:3209 | 26.03.2025 |
| Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | kernel | Fixed | RHSA-2025:3207 | 26.03.2025 |
| Red Hat Enterprise Linux 8.4 Telecommunications Update Service | kernel-rt | Fixed | RHSA-2025:3211 | 26.03.2025 |
Показывать по
Дополнительная информация
Статус:
7 High
CVSS3
Связанные уязвимости
In the Linux kernel, the following vulnerability has been resolved: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array The loop that detects/populates cache information already has a bounds check on the array size but does not account for cache levels with separate data/instructions cache. Fix this by incrementing the index for any populated leaf (instead of any populated level).
In the Linux kernel, the following vulnerability has been resolved: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array The loop that detects/populates cache information already has a bounds check on the array size but does not account for cache levels with separate data/instructions cache. Fix this by incrementing the index for any populated leaf (instead of any populated level).
In the Linux kernel, the following vulnerability has been resolved: a ...
In the Linux kernel, the following vulnerability has been resolved: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array The loop that detects/populates cache information already has a bounds check on the array size but does not account for cache levels with separate data/instructions cache. Fix this by incrementing the index for any populated leaf (instead of any populated level).
7 High
CVSS3