CVE - CVE-2023-52492

CVE-ID
CVE-2023-52492	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: dmaengine: fix NULL pointer in channel unregistration function __dma_async_device_channel_register() can fail. In case of failure, chan->local is freed (with free_percpu()), and chan->local is nullified. When dma_async_device_unregister() is called (because of managed API or intentionally by DMA controller driver), channels are unconditionally unregistered, leading to this NULL pointer: [ 1.318693] Unable to handle kernel NULL pointer dereference at virtual address 00000000000000d0 [...] [ 1.484499] Call trace: [ 1.486930] device_del+0x40/0x394 [ 1.490314] device_unregister+0x20/0x7c [ 1.494220] __dma_async_device_channel_unregister+0x68/0xc0 Look at dma_async_device_register() function error path, channel device unregistration is done only if chan->local is not NULL. Then add the same condition at the beginning of __dma_async_device_channel_unregister() function, to avoid NULL pointer issue whatever the API used to reach this function.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/047fce470412ab64cb7345f9ff5d06919078ad79 URL:https://git.kernel.org/stable/c/047fce470412ab64cb7345f9ff5d06919078ad79 MISC:https://git.kernel.org/stable/c/2ab32986a0b9e329eb7f8f04dd57cc127f797c08 URL:https://git.kernel.org/stable/c/2ab32986a0b9e329eb7f8f04dd57cc127f797c08 MISC:https://git.kernel.org/stable/c/7f0ccfad2031eddcc510caf4e57f2d4aa2d8a50b URL:https://git.kernel.org/stable/c/7f0ccfad2031eddcc510caf4e57f2d4aa2d8a50b MISC:https://git.kernel.org/stable/c/9263fd2a63487c6d04cbb7b74a48fb12e1e352d0 URL:https://git.kernel.org/stable/c/9263fd2a63487c6d04cbb7b74a48fb12e1e352d0 MISC:https://git.kernel.org/stable/c/9de69732dde4e443c1c7f89acbbed2c45a6a8e17 URL:https://git.kernel.org/stable/c/9de69732dde4e443c1c7f89acbbed2c45a6a8e17 MISC:https://git.kernel.org/stable/c/f5c24d94512f1b288262beda4d3dcb9629222fc7 URL:https://git.kernel.org/stable/c/f5c24d94512f1b288262beda4d3dcb9629222fc7
Assigning CNA
kernel.org
Date Record Created
20240220	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240220)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)