Description
In the Linux kernel, the following vulnerability has been resolved: iommu/riscv: Remove overflows on the invalidation path Since RISC-V supports a sign extended page table it should support a gather->end of ULONG_MAX, but if this happens it will infinite loop because of the overflow. Also avoid overflow computing the length by moving the +1 to the other side of the <
Product status
488ffbf181718b9ad8c1838cb249d60973e78eda (git) before 9f0632b0d4246675fa221aa1a3bffadf9c6bd9ac
488ffbf181718b9ad8c1838cb249d60973e78eda (git) before e4b7687784153481de45fd39fb97ba3919605c0c
488ffbf181718b9ad8c1838cb249d60973e78eda (git) before 40a13b49957937427bc23e78eb50679df4396a47
6.13
Any version before 6.13
6.18.33 (semver)
7.0.10 (semver)
7.1 (original_commit_for_fix)
References
git.kernel.org/...c/9f0632b0d4246675fa221aa1a3bffadf9c6bd9ac
git.kernel.org/...c/e4b7687784153481de45fd39fb97ba3919605c0c
git.kernel.org/...c/40a13b49957937427bc23e78eb50679df4396a47