CVE - CVE-2023-52617

CVE-ID
CVE-2023-52617	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: PCI: switchtec: Fix stdev_release() crash after surprise hot remove A PCI device hot removal may occur while stdev->cdev is held open. The call to stdev_release() then happens during close or exit, at a point way past switchtec_pci_remove(). Otherwise the last ref would vanish with the trailing put_device(), just before return. At that later point in time, the devm cleanup has already removed the stdev->mmio_mrpc mapping. Also, the stdev->pdev reference was not a counted one. Therefore, in DMA mode, the iowrite32() in stdev_release() will cause a fatal page fault, and the subsequent dma_free_coherent(), if reached, would pass a stale &stdev->pdev->dev pointer. Fix by moving MRPC DMA shutdown into switchtec_pci_remove(), after stdev_kill(). Counting the stdev->pdev ref is now optional, but may prevent future accidents. Reproducible via the script at https://lore.kernel.org/r/20231113212150.96410-1-dns@arista.com
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/0233b836312e39a3c763fb53512b3fa455b473b3 URL:https://git.kernel.org/stable/c/0233b836312e39a3c763fb53512b3fa455b473b3 MISC:https://git.kernel.org/stable/c/1d83c85922647758c1f1e4806a4c5c3cf591a20a URL:https://git.kernel.org/stable/c/1d83c85922647758c1f1e4806a4c5c3cf591a20a MISC:https://git.kernel.org/stable/c/4a5d0528cf19dbf060313dffbe047bc11c90c24c URL:https://git.kernel.org/stable/c/4a5d0528cf19dbf060313dffbe047bc11c90c24c MISC:https://git.kernel.org/stable/c/d8c293549946ee5078ed0ab77793cec365559355 URL:https://git.kernel.org/stable/c/d8c293549946ee5078ed0ab77793cec365559355 MISC:https://git.kernel.org/stable/c/df25461119d987b8c81d232cfe4411e91dcabe66 URL:https://git.kernel.org/stable/c/df25461119d987b8c81d232cfe4411e91dcabe66 MISC:https://git.kernel.org/stable/c/e129c7fa7070fbce57feb0bfc5eaa65eef44b693 URL:https://git.kernel.org/stable/c/e129c7fa7070fbce57feb0bfc5eaa65eef44b693 MISC:https://git.kernel.org/stable/c/ff1c7e2fb9e9c3f53715fbe04d3ac47b80be7eb8 URL:https://git.kernel.org/stable/c/ff1c7e2fb9e9c3f53715fbe04d3ac47b80be7eb8
Assigning CNA
kernel.org
Date Record Created
20240306	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240306)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)