CVE-2023-53395

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer<br /> <br /> ACPICA commit 90310989a0790032f5a0140741ff09b545af4bc5<br /> <br /> According to the ACPI specification 19.6.134, no argument is required to be passed for ASL Timer instruction. For taking care of no argument, AML_NO_OPERAND_RESOLVE flag is added to ASL Timer instruction opcode.<br /> <br /> When ASL timer instruction interpreted by ACPI interpreter, getting error. After adding AML_NO_OPERAND_RESOLVE flag to ASL Timer instruction opcode, issue is not observed.<br /> <br /> =============================================================<br /> UBSAN: array-index-out-of-bounds in acpica/dswexec.c:401:12 index -1 is out of range for type &amp;#39;union acpi_operand_object *[9]&amp;#39;<br /> CPU: 37 PID: 1678 Comm: cat Not tainted<br /> 6.0.0-dev-th500-6.0.y-1+bcf8c46459e407-generic-64k<br /> HW name: NVIDIA BIOS v1.1.1-d7acbfc-dirty 12/19/2022 Call trace:<br /> dump_backtrace+0xe0/0x130<br /> show_stack+0x20/0x60<br /> dump_stack_lvl+0x68/0x84<br /> dump_stack+0x18/0x34<br /> ubsan_epilogue+0x10/0x50<br /> __ubsan_handle_out_of_bounds+0x80/0x90<br /> acpi_ds_exec_end_op+0x1bc/0x6d8<br /> acpi_ps_parse_loop+0x57c/0x618<br /> acpi_ps_parse_aml+0x1e0/0x4b4<br /> acpi_ps_execute_method+0x24c/0x2b8<br /> acpi_ns_evaluate+0x3a8/0x4bc<br /> acpi_evaluate_object+0x15c/0x37c<br /> acpi_evaluate_integer+0x54/0x15c<br /> show_power+0x8c/0x12c [acpi_power_meter]