Description
In the Linux kernel, the following vulnerability has been resolved: sparc: fix accurate exception reporting in copy_{from_to}_user for Niagara The referenced commit introduced exception handlers on user-space memory references in copy_from_user and copy_to_user. These handlers return from the respective function and calculate the remaining bytes left to copy using the current register contents. This commit fixes a couple of bad calculations and a broken epilogue in the exception handlers. This will prevent crashes and ensure correct return values of copy_from_user and copy_to_user in the faulting case. The behaviour of memcpy stays unchanged.
Product status
7ae3aaf53f1695877ccd5ebbc49ea65991e41f1e (git) before 05440320ea3e249d5f984918f2bf51210c1a7c03
7ae3aaf53f1695877ccd5ebbc49ea65991e41f1e (git) before 7823fc4d8ab5e57f8db7806ff2530c03c166c4bb
7ae3aaf53f1695877ccd5ebbc49ea65991e41f1e (git) before 37547d8e6eba87507279ee3dfddfd9dc46335454
7ae3aaf53f1695877ccd5ebbc49ea65991e41f1e (git) before a365ee556e45f780ee322b349a06efdad0c1458f
7ae3aaf53f1695877ccd5ebbc49ea65991e41f1e (git) before 8cdeb5e482d3fdce7e825444b6ca3865e24c0228
7ae3aaf53f1695877ccd5ebbc49ea65991e41f1e (git) before a90ce516a73dbe087f9bf3dbf311301a58d125c6
7ae3aaf53f1695877ccd5ebbc49ea65991e41f1e (git) before 088c5098ec6d6b0396edfbf3dad3e81de8469c1c
7ae3aaf53f1695877ccd5ebbc49ea65991e41f1e (git) before 0b67c8fc10b13a9090340c5f8a37d308f4e1571c
bfc8be6593097cb074d3912ba2f27565cfbb7d6e (git)
a15859f9d8396cce7c55ccdb7e75f70f14cbc349 (git)
4.9
Any version before 4.9
5.4.301 (semver)
5.10.246 (semver)
5.15.195 (semver)
6.1.156 (semver)
6.6.112 (semver)
6.12.53 (semver)
6.17.3 (semver)
6.18 (original_commit_for_fix)
References
git.kernel.org/...c/05440320ea3e249d5f984918f2bf51210c1a7c03
git.kernel.org/...c/7823fc4d8ab5e57f8db7806ff2530c03c166c4bb
git.kernel.org/...c/37547d8e6eba87507279ee3dfddfd9dc46335454
git.kernel.org/...c/a365ee556e45f780ee322b349a06efdad0c1458f
git.kernel.org/...c/8cdeb5e482d3fdce7e825444b6ca3865e24c0228
git.kernel.org/...c/a90ce516a73dbe087f9bf3dbf311301a58d125c6
git.kernel.org/...c/088c5098ec6d6b0396edfbf3dad3e81de8469c1c
git.kernel.org/...c/0b67c8fc10b13a9090340c5f8a37d308f4e1571c
