CVE-2023-53472

Summary

In the Linux kernel, the following vulnerability has been resolved:

pwm: lpc32xx: Remove handling of PWM channels

Because LPC32xx PWM controllers have only a single output which is registered as the only PWM device/channel per controller, it is known in advance that pwm->hwpwm value is always 0. On basis of this fact simplify the code by removing operations with pwm->hwpwm, there is no controls which require channel number as input.

Even though I wasn't aware at the time when I forward ported that patch, this fixes a null pointer dereference as lpc32xx->chip.pwms is NULL before devm_pwmchip_add() is called.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxbb4de81eb940e7027f37a6fd3b7ddcb4403deb56 < abd9b2ee4047ccd980decbf26d61f9637604b1d5affected
LinuxLinux4459118977665f681017e1299933895d54b6e87b < a9a505f5b39d8fff1a55963a5e524c84639e98b2affected
LinuxLinux81e6b51709da162b94e40a445bb60856406beaa1 < 04301da4d87067a989f70ee56942bf9d97cd2a45affected
LinuxLinux322b70b522abe03cd59712bb47a72eddd835d19d < a2d9d884e84bfd37892219b1f55847f36d8e9901affected
LinuxLinux3d2813fb17e5fd0d73c1d1442ca0192bde4af10e < 5e22217c11424ef958ba28d03ff7167b4d7a8914affected
LinuxLinux3d2813fb17e5fd0d73c1d1442ca0192bde4af10e < 523f6268e86552a048975749251184c4e9a4b38faffected
LinuxLinux3d2813fb17e5fd0d73c1d1442ca0192bde4af10e < e3a0ddbaf7f1f9ffc070718b417461ced3268758affected
LinuxLinux3d2813fb17e5fd0d73c1d1442ca0192bde4af10e < 4aae44f65827f0213a7361cf9c32cfe06114473faffected
LinuxLinux7fc2172ad4e701d3c6e7dcb7b2efd8df71d2417baffected
LinuxLinux1c90a357cef4219cb436e59cc7463888103e104baffected
LinuxLinux4.14.248 < 4.14.326affected
LinuxLinux4.19.208 < 4.19.295affected
LinuxLinux5.4.149 < 5.4.257affected
LinuxLinux5.10.69 < 5.10.195affected
LinuxLinux4.9.284 < 4.10affected
LinuxLinux5.14.8 < 5.15affected
LinuxLinux5.15affected
LinuxLinux0 < 5.15unaffected
LinuxLinux4.14.326 <= 4.14.*unaffected
LinuxLinux4.19.295 <= 4.19.*unaffected
LinuxLinux5.4.257 <= 5.4.*unaffected
LinuxLinux5.10.195 <= 5.10.*unaffected
LinuxLinux5.15.132 <= 5.15.*unaffected
LinuxLinux6.1.54 <= 6.1.*unaffected
LinuxLinux6.5.4 <= 6.5.*unaffected
LinuxLinux6.6 <= *unaffected

Weaknesses

References