CVE-2022-49847

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> net: ethernet: ti: am65-cpsw: Fix segmentation fault at module unload<br /> <br /> Move am65_cpsw_nuss_phylink_cleanup() call to after<br /> am65_cpsw_nuss_cleanup_ndev() so phylink is still valid<br /> to prevent the below Segmentation fault on module remove when<br /> first slave link is up.<br /> <br /> [ 31.652944] Unable to handle kernel paging request at virtual address 00040008000005f4<br /> [ 31.684627] Mem abort info:<br /> [ 31.687446] ESR = 0x0000000096000004<br /> [ 31.704614] EC = 0x25: DABT (current EL), IL = 32 bits<br /> [ 31.720663] SET = 0, FnV = 0<br /> [ 31.723729] EA = 0, S1PTW = 0<br /> [ 31.740617] FSC = 0x04: level 0 translation fault<br /> [ 31.756624] Data abort info:<br /> [ 31.759508] ISV = 0, ISS = 0x00000004<br /> [ 31.776705] CM = 0, WnR = 0<br /> [ 31.779695] [00040008000005f4] address between user and kernel address ranges<br /> [ 31.808644] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP<br /> [ 31.814928] Modules linked in: wlcore_sdio wl18xx wlcore mac80211 libarc4 cfg80211 rfkill crct10dif_ce phy_gmii_sel ti_am65_cpsw_nuss(-) sch_fq_codel ipv6<br /> [ 31.828776] CPU: 0 PID: 1026 Comm: modprobe Not tainted 6.1.0-rc2-00012-gfabfcf7dafdb-dirty #160<br /> [ 31.837547] Hardware name: Texas Instruments AM625 (DT)<br /> [ 31.842760] pstate: 40000005 (nZcv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)<br /> [ 31.849709] pc : phy_stop+0x18/0xf8<br /> [ 31.853202] lr : phylink_stop+0x38/0xf8<br /> [ 31.857031] sp : ffff80000a0839f0<br /> [ 31.860335] x29: ffff80000a0839f0 x28: ffff000000de1c80 x27: 0000000000000000<br /> [ 31.867462] x26: 0000000000000000 x25: 0000000000000000 x24: ffff80000a083b98<br /> [ 31.874589] x23: 0000000000000800 x22: 0000000000000001 x21: ffff000001bfba90<br /> [ 31.881715] x20: ffff0000015ee000 x19: 0004000800000200 x18: 0000000000000000<br /> [ 31.888842] x17: ffff800076c45000 x16: ffff800008004000 x15: 000058e39660b106<br /> [ 31.895969] x14: 0000000000000144 x13: 0000000000000144 x12: 0000000000000000<br /> [ 31.903095] x11: 000000000000275f x10: 00000000000009e0 x9 : ffff80000a0837d0<br /> [ 31.910222] x8 : ffff000000de26c0 x7 : ffff00007fbd6540 x6 : ffff00007fbd64c0<br /> [ 31.917349] x5 : ffff00007fbd0b10 x4 : ffff00007fbd0b10 x3 : ffff00007fbd3920<br /> [ 31.924476] x2 : d0a07fcff8b8d500 x1 : 0000000000000000 x0 : 0004000800000200<br /> [ 31.931603] Call trace:<br /> [ 31.934042] phy_stop+0x18/0xf8<br /> [ 31.937177] phylink_stop+0x38/0xf8<br /> [ 31.940657] am65_cpsw_nuss_ndo_slave_stop+0x28/0x1e0 [ti_am65_cpsw_nuss]<br /> [ 31.947452] __dev_close_many+0xa4/0x140<br /> [ 31.951371] dev_close_many+0x84/0x128<br /> [ 31.955115] unregister_netdevice_many+0x130/0x6d0<br /> [ 31.959897] unregister_netdevice_queue+0x94/0xd8<br /> [ 31.964591] unregister_netdev+0x24/0x38<br /> [ 31.968504] am65_cpsw_nuss_cleanup_ndev.isra.0+0x48/0x70 [ti_am65_cpsw_nuss]<br /> [ 31.975637] am65_cpsw_nuss_remove+0x58/0xf8 [ti_am65_cpsw_nuss]