SB2024060850 - Information disclosure in Linux kernel memory driver

Description

This security bulletin contains information about 1 security vulnerability.

1) Information disclosure (CVE-ID: CVE-2021-47314)

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the fsl_ifc_ctrl_remove() and fsl_ifc_ctrl_probe() functions in drivers/memory/fsl_ifc.c. A local user can gain access to sensitive information.

Remediation

Install update from vendor's website.

References

• https://git.kernel.org/stable/c/8018476756066e97ecb886c3dc024aeb7d5792ad
• https://git.kernel.org/stable/c/3b45b8a7d549bd92ec94b5357c2c2c1a7ed107e4
• https://git.kernel.org/stable/c/7626ffbea708e5aba6912295c012d2b409a1769f
• https://git.kernel.org/stable/c/ee1aa737ba0b75ab8af3444c4ae5bdba36aed6e6
• https://git.kernel.org/stable/c/443f6ca6fd186b4fa4e6f377b6e19a91feb1a0d5
• https://git.kernel.org/stable/c/b5789e23773f4a852fbfe244b63f675e265d3a7f
• https://git.kernel.org/stable/c/48ee69825f7480622ed447b0249123236d3b3ad0
• https://git.kernel.org/stable/c/a6b45b4932f7b0c36b41fb56a35ad679ece939a0
• https://git.kernel.org/stable/c/8e0d09b1232d0538066c40ed4c13086faccbdff6
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.240
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.198
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.276
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.276
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.52
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.19
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.134