CVE-2023-54044
Description
In the Linux kernel, the following vulnerability has been resolved:
spmi: Add a check for remove callback when removing a SPMI driver
When removing a SPMI driver, there can be a crash due to NULL pointer dereference if it does not have a remove callback defined. This is one such call trace observed when removing the QCOM SPMI PMIC driver:
dump_backtrace.cfi_jt+0x0/0x8 dump_stack_lvl+0xd8/0x16c panic+0x188/0x498 __cfi_slowpath+0x0/0x214 __cfi_slowpath+0x1dc/0x214 spmi_drv_remove+0x16c/0x1e0 device_release_driver_internal+0x468/0x79c driver_detach+0x11c/0x1a0 bus_remove_driver+0xc4/0x124 driver_unregister+0x58/0x84 cleanup_module+0x1c/0xc24 [qcom_spmi_pmic] __do_sys_delete_module+0x3ec/0x53c __arm64_sys_delete_module+0x18/0x28 el0_svc_common+0xdc/0x294 el0_svc+0x38/0x9c el0_sync_handler+0x8c/0xf0 el0_sync+0x1b4/0x1c0
If a driver has all its resources allocated through devm_() APIs and does not need any other explicit cleanup, it would not require a remove callback to be defined. Hence, add a check for remove callback presence before calling it when removing a SPMI driver.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
38- osv-coords36 versionspkg:linux/kernelpkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_34&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSS
>= 3.15.0, < 4.14.315+ 35 more
- (no CPE)range: >= 3.15.0, < 4.14.315
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150500.55.133.1.150500.6.65.1
- (no CPE)range: < 5.14.21-150500.55.133.1.150500.6.65.1
- (no CPE)range: < 5.14.21-150500.55.133.1.150500.6.65.1
- (no CPE)range: < 5.14.21-150500.55.133.1.150500.6.65.1
- (no CPE)range: < 5.14.21-150500.55.133.1.150500.6.65.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 1-150500.11.3.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150500.13.118.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150500.13.118.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150500.55.133.1
- (no CPE)range: < 5.14.21-150500.55.133.1
Patches
Vulnerability mechanics
References
9- git.kernel.org/stable/c/0f3ef30c1c05502f5de3b73b3715d5994845c1b4nvd
- git.kernel.org/stable/c/428cc252701d6864151f3a296ffc23e1e49a7408nvd
- git.kernel.org/stable/c/54dda732225555dc6d660e95793c54a0a44b612cnvd
- git.kernel.org/stable/c/699949219e35fe29fd42ccf8cd92c989c3d15109nvd
- git.kernel.org/stable/c/af763c29b9e7040fedd0077bca053b101438a3a4nvd
- git.kernel.org/stable/c/b56eef3e16d888883fefab47425036de80dd38fcnvd
- git.kernel.org/stable/c/b95a69214daea4aab1c8bad96571d988a62e2c97nvd
- git.kernel.org/stable/c/c45ab3ab9c371c9ac22bbe1217e5abb2e55a3d4bnvd
- git.kernel.org/stable/c/ee0b6146317a98bfec848d7bde5586beb245a38fnvd
News mentions
0No linked articles in our index yet.