- Description
- In the Linux kernel, the following vulnerability has been resolved: tty: serial: fsl_lpuart: fix race on RX DMA shutdown From time to time DMA completion can come in the middle of DMA shutdown: <process ctx>: <IRQ>: lpuart32_shutdown() lpuart_dma_shutdown() del_timer_sync() lpuart_dma_rx_complete() lpuart_copy_rx_to_tty() mod_timer() lpuart_dma_rx_free() When the timer fires a bit later, sport->dma_rx_desc is NULL: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000004 pc : lpuart_copy_rx_to_tty+0xcc/0x5bc lr : lpuart_timer_func+0x1c/0x2c Call trace: lpuart_copy_rx_to_tty lpuart_timer_func call_timer_fn __run_timers.part.0 run_timer_softirq __do_softirq __irq_exit_rcu irq_exit handle_domain_irq gic_handle_irq call_on_irq_stack do_interrupt_handler ... To fix this fold del_timer_sync() into lpuart_dma_rx_free() after dmaengine_terminate_sync() to make sure timer will not be re-started in lpuart_copy_rx_to_tty() <= lpuart_dma_rx_complete().
- Source
- 416baaa9-dc9f-4396-8d5f-8c081fb06d67
- NVD status
- Analyzed
- Products
- linux_kernel
CVSS 3.1
- Type
- Primary
- Base score
- 4.7
- Impact score
- 3.6
- Exploitability score
- 1
- Vector string
- CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
- Severity
- MEDIUM
- nvd@nist.gov
- CWE-362
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "61CE8743-D751-40A8-950D-D06102297B58",
"versionEndExcluding": "3.19",
"versionStartIncluding": "3.18.9"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "81BB79F1-557B-4785-94D0-0DDD776FDC44",
"versionEndExcluding": "5.10.177",
"versionStartIncluding": "3.19.1"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0888AE70-CB0A-45C0-B9BD-A5371244C8DB",
"versionEndExcluding": "5.15.105",
"versionStartIncluding": "5.11"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C6396026-EF6B-4933-AF27-B3AFE6E5506D",
"versionEndExcluding": "6.1.23",
"versionStartIncluding": "5.16"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4011EC6B-7786-4709-B765-186FA31D6F7F",
"versionEndExcluding": "6.2.8",
"versionStartIncluding": "6.2"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "B8E3B0E8-FA27-4305-87BB-AF6C25B160CB"
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc2:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "A47F0FC3-CE52-4BA1-BA51-22F783938431"
}
],
"operator": "OR"
}
]
}
]