CVE-2023-53144
N/A
Summary
In the Linux kernel, the following vulnerability has been resolved:
erofs: fix wrong kunmap when using LZMA on HIGHMEM platforms
As the call trace shown, the root cause is kunmap incorrect pages:
BUG: kernel NULL pointer dereference, address: 00000000 CPU: 1 PID: 40 Comm: kworker/u5:0 Not tainted 6.2.0-rc5 #4 Workqueue: erofs_worker z_erofs_decompressqueue_work EIP: z_erofs_lzma_decompress+0x34b/0x8ac z_erofs_decompress+0x12/0x14 z_erofs_decompress_queue+0x7e7/0xb1c z_erofs_decompressqueue_work+0x32/0x60 process_one_work+0x24b/0x4d8 ? process_one_work+0x1a4/0x4d8 worker_thread+0x14c/0x3fc kthread+0xe6/0x10c ? rescuer_thread+0x358/0x358 ? kthread_complete_and_exit+0x18/0x18 ret_from_fork+0x1c/0x28 —[ end trace 0000000000000000 ]—
The bug is trivial and should be fixed now. It has no impact on !HIGHMEM platforms.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Linux | Linux | 622ceaddb7649ca328832f50ba1400af778d75fa < fa4056781ac067b5946c6811459e1a36842047fd | affected |
| Linux | Linux | 622ceaddb7649ca328832f50ba1400af778d75fa < 28aea8ae6cf212a5bf3ed962b27921e2029ad754 | affected |
| Linux | Linux | 622ceaddb7649ca328832f50ba1400af778d75fa < 8f121dfb15f7b4ab345992ce96003eb63fd608f4 | affected |
| Linux | Linux | 5.16 | affected |
| Linux | Linux | 0 < 5.16 | unaffected |
| Linux | Linux | 6.1.20 <= 6.1.* | unaffected |
| Linux | Linux | 6.2.7 <= 6.2.* | unaffected |
| Linux | Linux | 6.3 <= * | unaffected |
Weaknesses
References
- https://git.kernel.org/stable/c/fa4056781ac067b5946c6811459e1a36842047fd
- https://git.kernel.org/stable/c/28aea8ae6cf212a5bf3ed962b27921e2029ad754
- https://git.kernel.org/stable/c/8f121dfb15f7b4ab345992ce96003eb63fd608f4
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.