Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2016-10764

In the Linux kernel before 4.9.6, there is an off by one in the drivers/mtd/spi-nor/cadence-quadspi.c cqspi_setup_flash() function. There are CQSPI_MAX_CHIPSELECT elements in the ->f_pdata array so the ">" should be ">=" instead.

See the

CVE page on Mitre.org for more details.

References

MISC: https://git.kernel.org...
MISC: https://github.com/tor...
MISC: https://mirrors.edge.k...
CONFIRM: https://support.f5.com...
CONFIRM: https://support.f5.com...

Launchpad.net

CVE 2016-10764

Related bugs

References