lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <1a21fffe403d7181e0404db1ed92140c306f97b7.1713270624.git.pnewman@connecttech.com>
Date: Tue, 16 Apr 2024 08:55:35 -0400
From: Parker Newman <parker@...est.io>
To: Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
	Jiri Slaby <jirislaby@...nel.org>,
	linux-kernel@...r.kernel.org,
	linux-serial@...r.kernel.org
Cc: Parker Newman <pnewman@...necttech.com>
Subject: [PATCH v3 8/8] serial: exar: fix: fix crash during shutdown if setup fails

From: Parker Newman <pnewman@...necttech.com>

If a port fails to register with serial8250_register_8250_port() the
kernel can crash when shutting down or module removal.

This is because "priv->line[i]" will be set to a negative error code
and in the exar_pci_remove() function serial8250_unregister_port() is
called without checking if the "priv->line[i]" value is valid.

Signed-off-by: Parker Newman <pnewman@...necttech.com>
---
 drivers/tty/serial/8250/8250_exar.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/drivers/tty/serial/8250/8250_exar.c b/drivers/tty/serial/8250/8250_exar.c
index 501b9f3e9c89..f5a395ed69d1 100644
--- a/drivers/tty/serial/8250/8250_exar.c
+++ b/drivers/tty/serial/8250/8250_exar.c
@@ -1671,7 +1671,8 @@ static void exar_pci_remove(struct pci_dev *pcidev)
 	unsigned int i;

 	for (i = 0; i < priv->nr; i++)
-		serial8250_unregister_port(priv->line[i]);
+		if (priv->line[i] >= 0)
+			serial8250_unregister_port(priv->line[i]);

 	/* Ensure that every init quirk is properly torn down */
 	if (priv->board->exit)
--
2.43.2


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ