Name of the Vulnerable Software and Affected Versions Linux Kernel versions v5.10 through v5.19.3

Description A buffer overflow issue exists in the sja1105 setup devlink regions() function. The actual impact and attack plausibility have not yet been proven. This issue was introduced in version v5.10 and is fixed in Linux Kernel version v5.19.4.

Recommendations For Linux Kernel versions v5.10 through v5.19.3, update to version v5.19.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the sja1105 setup devlink regions() function until a patch is available.