CVE-2023-53428

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> powercap: arm_scmi: Remove recursion while parsing zones<br /> <br /> Powercap zones can be defined as arranged in a hierarchy of trees and when<br /> registering a zone with powercap_register_zone(), the kernel powercap<br /> subsystem expects this to happen starting from the root zones down to the<br /> leaves; on the other side, de-registration by powercap_deregister_zone()<br /> must begin from the leaf zones.<br /> <br /> Available SCMI powercap zones are retrieved dynamically from the platform<br /> at probe time and, while any defined hierarchy between the zones is<br /> described properly in the zones descriptor, the platform returns the<br /> availables zones with no particular well-defined order: as a consequence,<br /> the trees possibly composing the hierarchy of zones have to be somehow<br /> walked properly to register the retrieved zones from the root.<br /> <br /> Currently the ARM SCMI Powercap driver walks the zones using a recursive<br /> algorithm; this approach, even though correct and tested can lead to kernel<br /> stack overflow when processing a returned hierarchy of zones composed by<br /> particularly high trees.<br /> <br /> Avoid possible kernel stack overflow by substituting the recursive approach<br /> with an iterative one supported by a dynamically allocated stack-like data<br /> structure.