6 matches found
CVE-2022-49223 cxl/port: Hold port reference until decoder release
In the Linux kernel, the following vulnerability has been resolved: cxl/port: Hold port reference until decoder release KASAN + DEBUGKOBJECTRELEASE reports a potential use-after-free in cxldecoderrelease where it goes to reference its parent, a cxlport, to free its id back to port-decoderida. BUG...
CVE-2022-49223
In the Linux kernel, the following vulnerability has been resolved: cxl/port: Hold port reference until decoder release KASAN + DEBUGKOBJECTRELEASE reports a potential use-after-free in cxldecoderrelease where it goes to reference its parent, a cxlport, to free its id back to port-decoderida. BUG...
CVE-2022-49223
The CVE-2022-49223 issue affects the Linux kernel, in the cxl/port path within cxl_core. The root cause is a use-after-free risk in cxl_decoder_release() when it dereferences its parent cxl_port to return an ID to port->decoder_ida, highlighting that the device core only guarantees parent life...
CVE-2023-52771
CVE-2023-52771 affects the Linux kernel CXL stack. The issue is a race between delete_endpoint() teardown and parent unregistration, which can impact the cxl_mem/cxl_port topology during port removal. The provided description states two fixes: (1) acquire a reference on the parent to prevent use‑...
CVE-2023-52771
In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix deleteendpoint vs parent unregistration race The CXL subsystem, at cxlmem -probe time, establishes a lineage of ports struct cxlport objects between an endpoint and the root of a CXL topology. Each port including th...
CVE-2023-52771 cxl/port: Fix delete_endpoint() vs parent unregistration race
In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix deleteendpoint vs parent unregistration race The CXL subsystem, at cxlmem -probe time, establishes a lineage of ports struct cxlport objects between an endpoint and the root of a CXL topology. Each port including th...