2 matches found
kernel: i2c: unbounded length leads to buffer overflow in ismt_access()
A buffer overflow vulnerability was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way it handled the I2CSMBUSBLOCKPROCCALL case via the ioctl I2CSMBUS with malicious input data. In particular, the userspace controllable "data-block0" variable was not capped to a numbe...
PT-2022-4884 · Linux +10 · Linux Kernel +10
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: An out-of-bounds memory access flaw was found in the Linux kernel's Intel iSMT SMBus host controller driver. This issue arises when a user triggers the I2C SMBUS BLOCK DATA with...