CVE - CVE-2023-52849

CVE-ID
CVE-2023-52849	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: cxl/mem: Fix shutdown order Ira reports that removing cxl_mock_mem causes a crash with the following trace: BUG: kernel NULL pointer dereference, address: 0000000000000044 [..] RIP: 0010:cxl_region_decode_reset+0x7f/0x180 [cxl_core] [..] Call Trace: <TASK> cxl_region_detach+0xe8/0x210 [cxl_core] cxl_decoder_kill_region+0x27/0x40 [cxl_core] cxld_unregister+0x29/0x40 [cxl_core] devres_release_all+0xb8/0x110 device_unbind_cleanup+0xe/0x70 device_release_driver_internal+0x1d2/0x210 bus_remove_device+0xd7/0x150 device_del+0x155/0x3e0 device_unregister+0x13/0x60 devm_release_action+0x4d/0x90 ? __pfx_unregister_port+0x10/0x10 [cxl_core] delete_endpoint+0x121/0x130 [cxl_core] devres_release_all+0xb8/0x110 device_unbind_cleanup+0xe/0x70 device_release_driver_internal+0x1d2/0x210 bus_remove_device+0xd7/0x150 device_del+0x155/0x3e0 ? lock_release+0x142/0x290 cdev_device_del+0x15/0x50 cxl_memdev_unregister+0x54/0x70 [cxl_core] This crash is due to the clearing out the cxl_memdev's driver context (@cxlds) before the subsystem is done with it. This is ultimately due to the region(s), that this memdev is a member, being torn down and expecting to be able to de-reference @cxlds, like here: static int cxl_region_decode_reset(struct cxl_region *cxlr, int count) ... if (cxlds->rcd) goto endpoint_reset; ... Fix it by keeping the driver context valid until memdev-device unregistration, and subsequently the entire stack of related dependencies, unwinds.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/0ca074f7d788627a4e0b047ca5fbdb5fc567220c URL:https://git.kernel.org/stable/c/0ca074f7d788627a4e0b047ca5fbdb5fc567220c MISC:https://git.kernel.org/stable/c/20bd0198bebdd706bd4614b3933ef70d7c19618f URL:https://git.kernel.org/stable/c/20bd0198bebdd706bd4614b3933ef70d7c19618f MISC:https://git.kernel.org/stable/c/7c7371b41a14e86f53e7dbe5baa7b1d3e0ab324b URL:https://git.kernel.org/stable/c/7c7371b41a14e86f53e7dbe5baa7b1d3e0ab324b MISC:https://git.kernel.org/stable/c/88d3917f82ed4215a2154432c26de1480a61b209 URL:https://git.kernel.org/stable/c/88d3917f82ed4215a2154432c26de1480a61b209 MISC:https://git.kernel.org/stable/c/cad22a757029c3a1985c221a2d4a6491ad4035ae URL:https://git.kernel.org/stable/c/cad22a757029c3a1985c221a2d4a6491ad4035ae
Assigning CNA
kernel.org
Date Record Created
20240521	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240521)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)