SB2024062498 - Resource management error in Linux kernel macintosh driver

Description

This security bulletin contains information about 1 security vulnerability.

1) Resource management error (CVE-ID: CVE-2024-38607)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the macii_probe() function in drivers/macintosh/via-macii.c. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

References

• https://git.kernel.org/stable/c/e4ff8bcfb2841fe4e17e5901578b632adb89036d
• https://git.kernel.org/stable/c/1e9c3f2caec548cfa7a65416ec4e6006e542f18e
• https://git.kernel.org/stable/c/280619bbdeac186fb320fab3d61122d2a085def8
• https://git.kernel.org/stable/c/010d4cb19bb13f423e3e746b824f314a9bf3e9a9
• https://git.kernel.org/stable/c/787fb79efc15b3b86442ecf079b8148f173376d7
• https://git.kernel.org/stable/c/d43a8c7ec0841e0ff91a968770aeca83f0fd4c56
• https://git.kernel.org/stable/c/5900a88e897e6deb1bdce09ee34167a81c2da89d
• https://git.kernel.org/stable/c/2907d409ce5946390f513976f0454888d37d1058
• https://git.kernel.org/stable/c/d301a71c76ee4c384b4e03cdc320a55f5cf1df05
• https://mirrors.edge.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.316
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.219
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.15.161
• https://mirrors.edge.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.278
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.1.93
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.10
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.33
• https://mirrors.edge.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.8.12