CVE-2023-53428

Summary

In the Linux kernel, the following vulnerability has been resolved:

powercap: arm_scmi: Remove recursion while parsing zones

Powercap zones can be defined as arranged in a hierarchy of trees and when registering a zone with powercap_register_zone(), the kernel powercap subsystem expects this to happen starting from the root zones down to the leaves; on the other side, de-registration by powercap_deregister_zone() must begin from the leaf zones.

Available SCMI powercap zones are retrieved dynamically from the platform at probe time and, while any defined hierarchy between the zones is described properly in the zones descriptor, the platform returns the availables zones with no particular well-defined order: as a consequence, the trees possibly composing the hierarchy of zones have to be somehow walked properly to register the retrieved zones from the root.

Currently the ARM SCMI Powercap driver walks the zones using a recursive algorithm; this approach, even though correct and tested can lead to kernel stack overflow when processing a returned hierarchy of zones composed by particularly high trees.

Avoid possible kernel stack overflow by substituting the recursive approach with an iterative one supported by a dynamically allocated stack-like data structure.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxb55eef5226b71edf5422de246bc189da1fdc9000 < b427c23cebc5c926516f20304bf1acc05a33d147affected
LinuxLinuxb55eef5226b71edf5422de246bc189da1fdc9000 < 8022b64fb7daa6135d9f7b0e2f7b5b8e9e5179c9affected
LinuxLinuxb55eef5226b71edf5422de246bc189da1fdc9000 < 3e767d6850f867cc33ac16ca097350a1d2417982affected
LinuxLinux6.2affected
LinuxLinux0 < 6.2unaffected
LinuxLinux6.4.16 <= 6.4.*unaffected
LinuxLinux6.5.3 <= 6.5.*unaffected
LinuxLinux6.6 <= *unaffected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References