In the Linux kernel, the following vulnerability has been resolved:
iio: Fix the sorting functionality in iio_gts_build_avail_time_table
The sorting in iio_gts_build_avail_time_table is not working as intended.
It could result in an out-of-bounds access when the time is zero.
Here are more details:
3, 0, 1
, the inner for-loop will not terminate and dotimes[j] > new
, the valuenew
will be added in the current position and the times[j]
will bej+1
position, which makes the if-condition always hold.For more details, please refer to
https://lore.kernel.org/all/[email protected].