摘要:
In the Linux kernel, the following vulnerability has been resolved:
scsi: ufs: core: Fix racing issue between ufshcd_mcq_abort() and ISR
If command timeout happens and cq complete IRQ is raised at the same time,
ufshcd_mcq_abort clears lprb->cmd and a NULL pointer deref happens in the
ISR. Error log:
ufshcd_abort: Device abort task at tag 18
Unable to handle kernel NULL pointer dereference at virtual address
0000000000000108
pc : [0xffffffe27ef867ac] scsi_dma_unmap+0xc/0x44
lr : [0xffffffe27f1b898c] ufshcd_release_scsi_cmd+0x24/0x114
安全等级: Low
公告ID: KylinSec-SA-2024-2485
发布日期: 2024年5月30日
关联CVE: CVE-2023-52785
In the Linux kernel, the following vulnerability has been resolved:
scsi: ufs: core: Fix racing issue between ufshcd_mcq_abort() and ISR
If command timeout happens and cq complete IRQ is raised at the same time,
ufshcd_mcq_abort clears lprb->cmd and a NULL pointer deref happens in the
ISR. Error log:
ufshcd_abort: Device abort task at tag 18
Unable to handle kernel NULL pointer dereference at virtual address
0000000000000108
pc : [0xffffffe27ef867ac] scsi_dma_unmap+0xc/0x44
lr : [0xffffffe27f1b898c] ufshcd_release_scsi_cmd+0x24/0x114
| cve名称 | 产品 | 组件 | 是否受影响 |
|---|---|---|---|
| CVE-2023-52785 | KY3.4-4A | kernel | Unaffected |
| CVE-2023-52785 | KY3.4-5 | kernel | Unaffected |
| CVE-2023-52785 | KY3.5.1 | kernel | Unaffected |
| CVE-2023-52785 | KY3.5.3 | kernel | Unaffected |
| CVE-2023-52785 | V6 | kernel | Unaffected |
