CVE - CVE-2023-52860

CVE-ID
CVE-2023-52860	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: use cpuhp_state_remove_instance_nocalls() for hisi_hns3_pmu uninit process When tearing down a 'hisi_hns3' PMU, we mistakenly run the CPU hotplug callbacks after the device has been unregistered, leading to fireworks when we try to execute empty function callbacks within the driver: \| Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 \| CPU: 0 PID: 15 Comm: cpuhp/0 Tainted: G W O 5.12.0-rc4+ #1 \| Hardware name: , BIOS KpxxxFPGA 1P B600 V143 04/22/2021 \| pstate: 80400009 (Nzcv daif +PAN -UAO -TCO BTYPE=--) \| pc : perf_pmu_migrate_context+0x98/0x38c \| lr : perf_pmu_migrate_context+0x94/0x38c \| \| Call trace: \| perf_pmu_migrate_context+0x98/0x38c \| hisi_hns3_pmu_offline_cpu+0x104/0x12c [hisi_hns3_pmu] Use cpuhp_state_remove_instance_nocalls() instead of cpuhp_state_remove_instance() so that the notifiers don't execute after the PMU device has been unregistered. [will: Rewrote commit message]
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/3f5827371763f2d9c70719c270055a81d030f3d0 URL:https://git.kernel.org/stable/c/3f5827371763f2d9c70719c270055a81d030f3d0 MISC:https://git.kernel.org/stable/c/4589403a343bb0c72a6faf5898386ff964d4e01a URL:https://git.kernel.org/stable/c/4589403a343bb0c72a6faf5898386ff964d4e01a MISC:https://git.kernel.org/stable/c/50b560783f7f71790bcf70e9e9855155fb0af8c1 URL:https://git.kernel.org/stable/c/50b560783f7f71790bcf70e9e9855155fb0af8c1 MISC:https://git.kernel.org/stable/c/d04ff5437a45f275db5530efb49b68d0ec851f6f URL:https://git.kernel.org/stable/c/d04ff5437a45f275db5530efb49b68d0ec851f6f
Assigning CNA
kernel.org
Date Record Created
20240521	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240521)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)