Message-ID: <2024030254-CVE-2023-52567-38c1@gregkh>
Date: Sat, 2 Mar 2024 23:00:01 +0100
From: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
To: linux-cve-announce@...r.kernel.org
Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Subject: CVE-2023-52567: serial: 8250_port: Check IRQ data before use

Description
===========

In the Linux kernel, the following vulnerability has been resolved:

serial: 8250_port: Check IRQ data before use

In case the leaf driver wants to use IRQ polling (irq = 0) and
IIR register shows that an interrupt happened in the 8250 hardware
the IRQ data can be NULL. In such a case we need to skip the wake
event as we came to this path from the timer interrupt and quite
likely system is already awake.

Without this fix we have got an Oops:

    serial8250: ttyS0 at I/O 0x3f8 (irq = 0, base_baud = 115200) is a 16550A
    ...
    BUG: kernel NULL pointer dereference, address: 0000000000000010
    RIP: 0010:serial8250_handle_irq+0x7c/0x240
    Call Trace:
     ? serial8250_handle_irq+0x7c/0x240
     ? __pfx_serial8250_timeout+0x10/0x10

The Linux kernel CVE team has assigned CVE-2023-52567 to this issue.


Affected and fixed versions
===========================

	Issue introduced in 4.14.315 with commit edfe57aedff4 and fixed in 4.14.327 with commit ee5732caaffb
	Issue introduced in 4.19.283 with commit 0bd49a043c79 and fixed in 4.19.296 with commit c334650150c2
	Issue introduced in 5.4.243 with commit 572d48361aa0 and fixed in 5.4.258 with commit bf3c728e3692
	Issue introduced in 5.10.180 with commit d5d628fea5f6 and fixed in 5.10.198 with commit e14afa4450cb
	Issue introduced in 5.15.111 with commit 424cf2929635 and fixed in 5.15.134 with commit 2b837f13a818
	Issue introduced in 6.1.28 with commit 727e92fe13e8 and fixed in 6.1.56 with commit e14f68a48fd4
	Issue introduced in 6.4 with commit 0ba9e3a13c6a and fixed in 6.5.6 with commit 3345cc5f02f1
	Issue introduced in 6.4 with commit 0ba9e3a13c6a and fixed in 6.6 with commit cce7fc8b2996

Please see https://www.kernel.org for a full list of currently supported
kernel versions by the kernel community.

Unaffected versions might change over time as fixes are backported to
older supported kernel versions. The official CVE entry at
	https://cve.org/CVERecord/?id=CVE-2023-52567
will be updated if fixes are backported, please check that for the most
up to date information about this issue.


Affected files
==============

The file(s) affected by this issue are:
	drivers/tty/serial/8250/8250_port.c


Mitigation
==========

The Linux kernel CVE team recommends that you update to the latest
stable kernel version for this, and many other bugfixes. Individual
changes are never tested alone, but rather are part of a larger kernel
release. Cherry-picking individual commits is not recommended or
supported by the Linux kernel community at all. If however, updating to
the latest release is impossible, the individual changes to resolve this
issue can be found at these commits:
	https://git.kernel.org/stable/c/ee5732caaffba3a37e753fdb89b4958db9a61847
	https://git.kernel.org/stable/c/c334650150c29234b0923476f51573ae1b2f252a
	https://git.kernel.org/stable/c/bf3c728e3692cc6d998874f0f27d433117348742
	https://git.kernel.org/stable/c/e14afa4450cb7e4cf93e993a765801203d41d014
	https://git.kernel.org/stable/c/2b837f13a818f96304736453ac53b66a70aaa4f2
	https://git.kernel.org/stable/c/e14f68a48fd445a083ac0750fafcb064df5f18f7
	https://git.kernel.org/stable/c/3345cc5f02f1fb4c4dcb114706f2210d879ab933
	https://git.kernel.org/stable/c/cce7fc8b29961b64fadb1ce398dc5ff32a79643b
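
For triage, the version ranges listed above can be checked against a `uname -r` string. The following is an added example, not part of the original message or of any kernel.org tooling; the function names and result labels are assumptions, and it compares upstream version numbers only, so a distribution kernel that backports fixes under an older version number still needs its vendor changelog checked.

```python
import re

# Upstream series -> (first affected patch level, first fixed patch level),
# copied from the "Affected and fixed versions" section of the message.
# None as the fixed level means the message lists no fix in that series.
RANGES = {
    (4, 14): (315, 327),
    (4, 19): (283, 296),
    (5, 4): (243, 258),
    (5, 10): (180, 198),
    (5, 15): (111, 134),
    (6, 1): (28, 56),
    (6, 4): (0, None),   # introduced in 6.4; no 6.4.y fix is listed
    (6, 5): (0, 6),      # 6.5 descends from 6.4; fixed in 6.5.6
}
FIXED_MAINLINE = (6, 6)  # "fixed in 6.6"


def parse_release(release):
    """Extract (major, minor, patch) from a `uname -r` style string."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", release)
    if not m:
        raise ValueError(f"unrecognised kernel release: {release!r}")
    return int(m.group(1)), int(m.group(2)), int(m.group(3) or 0)


def classify(release):
    """Return 'affected', 'fixed', 'predates-bug' or 'not-listed'."""
    major, minor, patch = parse_release(release)
    if "-rc" in release:
        return "not-listed"   # pre-releases may or may not carry the fix
    if (major, minor) >= FIXED_MAINLINE:
        return "fixed"
    if (major, minor) not in RANGES:
        return "not-listed"   # the message makes no statement on this series
    first_bad, first_fixed = RANGES[(major, minor)]
    if patch < first_bad:
        return "predates-bug"
    if first_fixed is not None and patch >= first_fixed:
        return "fixed"
    return "affected"


if __name__ == "__main__":
    # Constructed sample release strings, not taken from the message.
    for rel in ["5.15.120-generic", "6.1.56", "4.19.282", "6.4.3", "6.3.1"]:
        print(f"{rel:20} {classify(rel)}")
```

A result of `not-listed` means the message gives no range for that series, not that the series is safe.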