lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <87wm5xaw4u.wl-tiwai@suse.de>
Date: Wed, 17 Sep 2025 18:20:33 +0200
From: Takashi Iwai <tiwai@...e.de>
To: Richard Fitzgerald <rf@...nsource.cirrus.com>
Cc: tiwai@...e.com,
	yung-chuan.liao@...ux.intel.com,
	pierre-louis.bossart@...ux.dev,
	linux-sound@...r.kernel.org,
	linux-kernel@...r.kernel.org,
	patches@...nsource.cirrus.com
Subject: Re: [PATCH] ALSA: hda: intel-dsp-config: Prevent SEGFAULT if ACPI_HANDLE() is NULL

On Wed, 17 Sep 2025 18:06:09 +0200,
Richard Fitzgerald wrote:
> 
> Check in snd_intel_dsp_check_soundwire() that the pointer returned by
> ACPI_HANDLE() is not NULL, before passing it on to other functions.
> 
> The original code assumed a non-NULL return, but if it was unexpectedly
> NULL it would end up passed to acpi_walk_namespace() as the start
> point, and would result in
> 
> [    3.219028] BUG: kernel NULL pointer dereference, address:
> 0000000000000018
> [    3.219029] #PF: supervisor read access in kernel mode
> [    3.219030] #PF: error_code(0x0000) - not-present page
> [    3.219031] PGD 0 P4D 0
> [    3.219032] Oops: Oops: 0000 [#1] SMP NOPTI
> [    3.219035] CPU: 2 UID: 0 PID: 476 Comm: (udev-worker) Tainted: G S
> AW   E       6.17.0-rc5-test #1 PREEMPT(voluntary)
> [    3.219038] Tainted: [S]=CPU_OUT_OF_SPEC, [A]=OVERRIDDEN_ACPI_TABLE,
> [W]=WARN, [E]=UNSIGNED_MODULE
> [    3.219040] RIP: 0010:acpi_ns_walk_namespace+0xb5/0x480
> 
> This problem was triggered by a bugged DSDT that the kernel couldn't parse.
> But it shouldn't be possible to SEGFAULT the kernel just because of some
> bugs in ACPI.
> 
> Fixes: 0650857570d1 ("ALSA: hda: add autodetection for SoundWire")
> Signed-off-by: Richard Fitzgerald <rf@...nsource.cirrus.com>

Thanks, applied now.


Takashi

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ