Description
In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Add validation for lmac type Upon physical link change, firmware reports to the kernel about the change along with the details like speed, lmac_type_id, etc. Kernel derives lmac_type based on lmac_type_id received from firmware. In a few scenarios, firmware returns an invalid lmac_type_id, which is resulting in below kernel panic. This patch adds the missing validation of the lmac_type_id field. Internal error: Oops: 96000005 [#1] PREEMPT SMP [ 35.321595] Modules linked in: [ 35.328982] CPU: 0 PID: 31 Comm: kworker/0:1 Not tainted 5.4.210-g2e3169d8e1bc-dirty #17 [ 35.337014] Hardware name: Marvell CN103XX board (DT) [ 35.344297] Workqueue: events work_for_cpu_fn [ 35.352730] pstate: 40400089 (nZcv daIf +PAN -UAO) [ 35.360267] pc : strncpy+0x10/0x30 [ 35.366595] lr : cgx_link_change_handler+0x90/0x180
Product status
61071a871ea6eb2125ece91c1a0dbb124a318c8a (git) before 83a7f27c5b94e43f29f8216a32790751139aa61e
61071a871ea6eb2125ece91c1a0dbb124a318c8a (git) before afd7660c766c4d317feae004e5cd829390bbc4b0
61071a871ea6eb2125ece91c1a0dbb124a318c8a (git) before 5c0268b141ad612b6fca13d3a66cfda111716dbb
61071a871ea6eb2125ece91c1a0dbb124a318c8a (git) before cb5edce271764524b88b1a6866b3e626686d9a33
4.20
Any version before 4.20
6.1.32 (semver)
6.2.16 (semver)
6.3.3 (semver)
6.4 (original_commit_for_fix)
References
git.kernel.org/...c/83a7f27c5b94e43f29f8216a32790751139aa61e
git.kernel.org/...c/afd7660c766c4d317feae004e5cd829390bbc4b0
git.kernel.org/...c/5c0268b141ad612b6fca13d3a66cfda111716dbb
git.kernel.org/...c/cb5edce271764524b88b1a6866b3e626686d9a33
Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.
