CVE-2024-50195

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: A vulnerability in the Linux kernel's posix-clock has been resolved. The issue was in the pc clock settime() function, where a missing timespec64 check allowed for potentially invalid time values to be passed to ptp->info->settime64(). According to the clock settime() manual, if tp.tv sec is negative or tp.tv nsec is outside the range [0..999,999,999], it should return EINVAL. The timespec64 valid() function only checks if the timespec is valid, but not if the time is in a valid range. To address this, timespec64 valid strict() is used to check the time range ahead of time and return -EINVAL if not valid. Some drivers, such as hclge ptp settime(), igb ptp settime i210(), and rcar gen4 ptp settime(), use tp->tv sec and tp->tv nsec directly to write registers without validity checks, assuming the higher layer has checked it, which is dangerous and will benefit from this fix.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.