CVE-2023-53754

When iftype equals zero and pciresourcestart(pdev, PCI64BITBAR4) returns false, drblregsmemmapp is not remapped. This passes a NULL pointer to iounmap(), which can trigger a WARN() on certain arches.

When iftype equals six and pciresourcestart(pdev, PCI64BITBAR4) returns true, drblregsmemmapp may has been remapped and ctrlregsmemmap_p is not remapped. This is a resource leak and passes a NULL pointer to iounmap().

To fix these issues, we need to add null checks before iounmap(), and change some goto labels.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53754.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

1351e69fc6db30e186295f1c9495d03cef6a01a2

Fixed

74d90f92eafe8ccd12827228236a28a94eda6bcc

Fixed

bab8dc38b1a0a12bc064fc064269033bdcf5b88e

Fixed

fd8c83d8375b9dac1949f2753485a5c055ebfad0

Fixed

e6f1ef4a53856ed000b0f7265d7e16dcb00f4243

Fixed

631d0fab143bef85ea0813596f1dda36e2b9724c

Fixed

7e5a54d1f00725a739dcd20f616d82eff4f764bd

Fixed

91a0c0c1413239d0548b5aac4c82f38f6d53a91e

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53754.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

4.17.0

Fixed

5.4.243

Type: ECOSYSTEM
Events: Introduced

5.5.0

Fixed

5.10.180

Type: ECOSYSTEM
Events: Introduced

5.11.0

Fixed

5.15.111

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.1.28

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.2.15

Type: ECOSYSTEM
Events: Introduced

6.3.0

Fixed

6.3.2

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53754.json"