CVE-2020-36776 Information

Feb 29, 2024 cve

Description

In the Linux kernel the following vulnerability has been resolved:

thermal/drivers/cpufreq_cooling: Fix slab OOB issue

Slab OOB issue is scanned by KASAN in cpu_power_to_freq(). If power is limited below the power of OPP0 in EM table it will cause slab out-of-bound issue with negative array index.

Return the lowest frequency if limited power cannot found a suitable OPP in EM table to fix this issue.

Backtrace: [] die+0x104/0x5ac [] bug_handler+0x64/0xd0 [] brk_handler+0x160/0x258 [] do_debug_exception+0x248/0x3f0 [] el1_dbg+0x14/0xbc [] __kasan_report+0x1dc/0x1e0 [] kasan_report+0x10/0x20 [] __asan_report_load8_noabort+0x18/0x28 [] cpufreq_power2state+0x180/0x43c [] power_actor_set_power+0x114/0x1d4 [] allocate_power+0xaec/0xde0 [] power_allocator_throttle+0x3ec/0x5a4 [] handle_thermal_trip+0x160/0x294 [] thermal_zone_device_check+0xe4/0x154 [] process_one_work+0x5e4/0xe28 [] worker_thread+0xa4c/0xfac [] kthread+0x33c/0x358 [] ret_from_fork+0xc/0x18

Reference

https://git.kernel.org/stable/c/c24a20912eef00587416628149c438e885eb1304 https://git.kernel.org/stable/c/876a5f33e5d961d879c5436987c09b3d9ef70379 https://git.kernel.org/stable/c/6bf443acf6ca4f666d0e4225614ba9993a3aa1a9 https://git.kernel.org/stable/c/34ab17cc6c2c1ac93d7e5d53bb972df9a968f085

Share on: