Skip to content

[fips9-2] CVE-2025-38380 #619

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: fips-9-compliant/5.14.0-284.30.1
Choose a base branch
from
Open

[fips9-2] CVE-2025-38380 #619

wants to merge 1 commit into from

Conversation

roxanan1996
Copy link

@roxanan1996 roxanan1996 commented Oct 9, 2025
edited
Loading

Commit: 3d30048 ("kernel: i2c/designware: Fix an initialization issue") was cherry-picked from linux-mainline. It applied cleanly.

BUILD

> grep -E -B 5 -A 5 '\[TIMER\]|^Starting Build' ~/ciq/vms/fips-9-compliant_5.14.0-284.30.1/kernel-build-after.log
/home/rnicolescu/ciq/vms/fips-9-compliant_5.14.0-284.30.1/kernel-src-tree-fix
Skipping make mrproper
[TIMER]{MRPROPER}: 0s
x86_64 architecture detected, copying config
'configs/kernel-x86_64-rhel.config' -> '.config'
Setting Local Version for build
CONFIG_LOCALVERSION="-rnicolescu_fips-9-compliant_5.14.0-284.30.1-458443e2c"
Making olddefconfig
#
# configuration written to .config
#
Starting Build
  SYNC    include/config/auto.conf.cmd
  UPD     include/config/kernel.release
  DESCEND objtool
  DESCEND bpf/resolve_btfids
  UPD     include/generated/utsrelease.h
--
  BTF [M] sound/virtio/virtio_snd.ko
  LD [M]  virt/lib/irqbypass.ko
  BTF [M] sound/xen/snd_xen_front.ko
  BTF [M] sound/x86/snd-hdmi-lpe-audio.ko
  BTF [M] virt/lib/irqbypass.ko
[TIMER]{BUILD}: 308s
Making Modules
  INSTALL /lib/modules/5.14.0-rnicolescu_fips-9-compliant_5.14.0-284.30.1-458443e2c+/kernel/arch/x86/crypto/blake2s-x86_64.ko
  INSTALL /lib/modules/5.14.0-rnicolescu_fips-9-compliant_5.14.0-284.30.1-458443e2c+/kernel/arch/x86/crypto/blowfish-x86_64.ko
  INSTALL /lib/modules/5.14.0-rnicolescu_fips-9-compliant_5.14.0-284.30.1-458443e2c+/kernel/arch/x86/crypto/camellia-aesni-avx-x86_64.ko
  INSTALL /lib/modules/5.14.0-rnicolescu_fips-9-compliant_5.14.0-284.30.1-458443e2c+/kernel/arch/x86/crypto/camellia-aesni-avx2.ko
--
  SIGN    /lib/modules/5.14.0-rnicolescu_fips-9-compliant_5.14.0-284.30.1-458443e2c+/kernel/sound/x86/snd-hdmi-lpe-audio.ko
  STRIP   /lib/modules/5.14.0-rnicolescu_fips-9-compliant_5.14.0-284.30.1-458443e2c+/kernel/sound/xen/snd_xen_front.ko
  SIGN    /lib/modules/5.14.0-rnicolescu_fips-9-compliant_5.14.0-284.30.1-458443e2c+/kernel/sound/xen/snd_xen_front.ko
  SIGN    /lib/modules/5.14.0-rnicolescu_fips-9-compliant_5.14.0-284.30.1-458443e2c+/kernel/sound/usb/snd-usb-audio.ko
  DEPMOD  /lib/modules/5.14.0-rnicolescu_fips-9-compliant_5.14.0-284.30.1-458443e2c+
[TIMER]{MODULES}: 15s
Making Install
sh ./arch/x86/boot/install.sh \
	5.14.0-rnicolescu_fips-9-compliant_5.14.0-284.30.1-458443e2c+ arch/x86/boot/bzImage \
	System.map "/boot"
[TIMER]{INSTALL}: 22s
Checking kABI
kABI check passed
Setting Default Kernel to /boot/vmlinuz-5.14.0-rnicolescu_fips-9-compliant_5.14.0-284.30.1-458443e2c+ and Index to 2
The default is /boot/loader/entries/506c08856ad34062a6658d29211d7b09-5.14.0-rnicolescu_fips-9-compliant_5.14.0-284.30.1-458443e2c+.conf with index 2 and kernel /boot/vmlinuz-5.14.0-rnicolescu_fips-9-compliant_5.14.0-284.30.1-458443e2c+
The default is /boot/loader/entries/506c08856ad34062a6658d29211d7b09-5.14.0-rnicolescu_fips-9-compliant_5.14.0-284.30.1-458443e2c+.conf with index 2 and kernel /boot/vmlinuz-5.14.0-rnicolescu_fips-9-compliant_5.14.0-284.30.1-458443e2c+
Generating grub configuration file ...
Adding boot menu entry for UEFI Firmware Settings ...
done
Hopefully Grub2.0 took everything ... rebooting after time metrices
[TIMER]{MRPROPER}: 0s
[TIMER]{BUILD}: 308s
[TIMER]{MODULES}: 15s
[TIMER]{INSTALL}: 22s
[TIMER]{TOTAL} 350s
Rebooting in 10 seconds

kernel-build-after.log
kernel-build-before.log

Kselftests

> ~/ciq/vms/fips-9-compliant_5.14.0-284.30.1/kernel-tools/kselftest-diff.sh ~/ciq/vms/fips-9-compliant_5.14.0-284.30.1
/home/rnicolescu/ciq/vms/fips-9-compliant_5.14.0-284.30.1/kselftest-before.log
320
/home/rnicolescu/ciq/vms/fips-9-compliant_5.14.0-284.30.1/kselftest-after.log
318
Before: /home/rnicolescu/ciq/vms/fips-9-compliant_5.14.0-284.30.1/kselftest-before.log
After: /home/rnicolescu/ciq/vms/fips-9-compliant_5.14.0-284.30.1/kselftest-after.log
Diff:
-ok 11 selftests: proc: proc-uptime-001
-ok 6 selftests: net: tls

kselftest-after.log
kselftest-before.log

Check_kernel_commits including interdiff

> check_kernel_commits.py --repo ~/ciq/vms/fips-9-compliant_5.14.0-284.30.1/kernel-src-tree-fix --pr_branch {rnicolescu}_fips-9-compliant/5.14.0-284.30.1 --base_branch fips-9-compliant/5.14.0-284.30.1
Comparing commits 3d30048958e0d43425f6d4e76565e6249fa71050 and 458443e2c7ecdd268d27820b05001352b8befa54...
interdiff result:
No diff between 3d30048958e0d43425f6d4e76565e6249fa71050 and 458443e2c7ecdd268d27820b05001352b8befa54
All referenced commits exist upstream and have no Fixes: tags.

@roxanan1996
i2c/designware: Fix an initialization issue
458443e 
jira VULN-79511
cve CVE-2025-38380
commit-author Michael J. Ruhl <[email protected]>
commit 3d30048

The i2c_dw_xfer_init() function requires msgs and msg_write_idx from the
dev context to be initialized.

amd_i2c_dw_xfer_quirk() inits msgs and msgs_num, but not msg_write_idx.

This could allow an out of bounds access (of msgs).

Initialize msg_write_idx before calling i2c_dw_xfer_init().

	Reviewed-by: Andy Shevchenko <[email protected]>
Fixes: 17631e8 ("i2c: designware: Add driver support for AMD NAVI GPU")
	Cc: <[email protected]> # v5.13+
	Signed-off-by: Michael J. Ruhl <[email protected]>
	Signed-off-by: Andi Shyti <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
(cherry picked from commit 3d30048)
	Signed-off-by: Roxana Nicolescu <[email protected]>
@roxanan1996 roxanan1996 requested a review from a team October 9, 2025 19:03
bmastbergen
bmastbergen approved these changes Oct 9, 2025
View reviewed changes
Copy link
Collaborator

@bmastbergen bmastbergen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🥌

@roxanan1996 roxanan1996 self-assigned this Oct 10, 2025
@bmastbergen bmastbergen requested a review from a team October 10, 2025 14:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bmastbergen bmastbergen bmastbergen approved these changes

At least 2 approving reviews are required to merge this pull request.

Assignees

@roxanan1996 roxanan1996

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@roxanan1996 @bmastbergen