CVE-2023-53144

Summary

In the Linux kernel, the following vulnerability has been resolved:

erofs: fix wrong kunmap when using LZMA on HIGHMEM platforms

As the call trace shown, the root cause is kunmap incorrect pages:

BUG: kernel NULL pointer dereference, address: 00000000 CPU: 1 PID: 40 Comm: kworker/u5:0 Not tainted 6.2.0-rc5 #4 Workqueue: erofs_worker z_erofs_decompressqueue_work EIP: z_erofs_lzma_decompress+0x34b/0x8ac z_erofs_decompress+0x12/0x14 z_erofs_decompress_queue+0x7e7/0xb1c z_erofs_decompressqueue_work+0x32/0x60 process_one_work+0x24b/0x4d8 ? process_one_work+0x1a4/0x4d8 worker_thread+0x14c/0x3fc kthread+0xe6/0x10c ? rescuer_thread+0x358/0x358 ? kthread_complete_and_exit+0x18/0x18 ret_from_fork+0x1c/0x28 —[ end trace 0000000000000000 ]—

The bug is trivial and should be fixed now. It has no impact on !HIGHMEM platforms.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux622ceaddb7649ca328832f50ba1400af778d75fa < fa4056781ac067b5946c6811459e1a36842047fdaffected
LinuxLinux622ceaddb7649ca328832f50ba1400af778d75fa < 28aea8ae6cf212a5bf3ed962b27921e2029ad754affected
LinuxLinux622ceaddb7649ca328832f50ba1400af778d75fa < 8f121dfb15f7b4ab345992ce96003eb63fd608f4affected
LinuxLinux5.16affected
LinuxLinux0 < 5.16unaffected
LinuxLinux6.1.20 <= 6.1.*unaffected
LinuxLinux6.2.7 <= 6.2.*unaffected
LinuxLinux6.3 <= *unaffected

Weaknesses

References