iommu/arm-smmu-v3:关机时不取消注册(CVE-2022-48894)

admin 2024-08-23 00:25:24 Ali_nvd 来源:ZONE.CI 全球网 0 阅读模式
iommu/arm-smmu-v3:关机时不取消注册(CVE-2022-48894)

CVE编号

CVE-2022-48894

利用情况

暂无

补丁情况

N/A

披露时间

2024-08-21
漏洞描述
In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3: Don't unregister on shutdown Similar to SMMUv2, this driver calls iommu_device_unregister() from the shutdown path, which removes the IOMMU groups with no coordination whatsoever with their users - shutdown methods are optional in device drivers. This can lead to NULL pointer dereferences in those drivers' DMA API calls, or worse. Instead of calling the full arm_smmu_device_remove() from arm_smmu_device_shutdown(), let's pick only the relevant function call - arm_smmu_device_disable() - more or less the reverse of arm_smmu_device_reset() - and call just that from the shutdown path.
解决建议
建议您更新当前系统或软件至最新版,完成漏洞的修复。
参考链接
https://git.kernel.org/stable/c/32ea2c57dc216b6ad8125fa680d31daa5d421c95
https://git.kernel.org/stable/c/ead3e6c79479890444c777fd329afc125fecde48
受影响软件情况
# 类型 厂商 产品 版本 影响面
1
运行在以下环境
系统 debian_11 linux * Up to (excluding) 5.10.223-1
运行在以下环境
系统 debian_12 linux * Up to (excluding) 6.1.7-1
CVSS3评分 N/A
  • 攻击路径 N/A
  • 攻击复杂度 N/A
  • 权限要求 N/A
  • 影响范围 N/A
  • 用户交互 N/A
  • 可用性 N/A
  • 保密性 N/A
  • 完整性 N/A
N/A
CWE-ID 漏洞类型
- avd.aliyun.com
weinxin
版权声明
本站原创文章转载请注明文章出处及链接,谢谢合作!
评论:0   参与:  0