"value":"In the Linux kernel, the following vulnerability has been resolved:\n\npstore: ram_core: fix possible overflow in persistent_ram_init_ecc()\n\nIn persistent_ram_init_ecc(), on 64-bit arches DIV_ROUND_UP() will return\n64-bit value since persistent_ram_zone::buffer_size has type size_t which\nis derived from the 64-bit *unsigned long*, while the ecc_blocks variable\nthis value gets assigned to has (always 32-bit) *int* type. Even if that\nvalue fits into *int* type, an overflow is still possible when calculating\nthe size_t typed ecc_total variable further below since there's no cast to\nany 64-bit type before multiplication. Declaring the ecc_blocks variable\nas *size_t* should fix this mess...\n\nFound by Linux Verification Center (linuxtesting.org) with the SVACE static\nanalysis tool."
"value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: pstore: ram_core: corrige posible desbordamiento en persistent_ram_init_ecc() En persistent_ram_init_ecc(), en arcos de 64 bits DIV_ROUND_UP() devolver\u00e1 un valor de 64 bits ya que persistent_ram_zone::buffer_size tiene el tipo size_t que se deriva del *unsigned long* de 64 bits, mientras que la variable ecc_blocks a la que se asigna este valor tiene (siempre 32 bits) el tipo *int*. Incluso si ese valor encaja en el tipo *int*, a\u00fan es posible un desbordamiento al calcular la variable ecc_total escrita size_t m\u00e1s abajo, ya que no hay conversi\u00f3n a ning\u00fan tipo de 64 bits antes de la multiplicaci\u00f3n. Declarar la variable ecc_blocks como *size_t* deber\u00eda solucionar este problema... Encontrado por el Centro de verificaci\u00f3n de Linux (linuxtesting.org) con la herramienta de an\u00e1lisis est\u00e1tico SVACE."
