CVE-2024-53232

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> iommu/s390: Implement blocking domain<br /> <br /> This fixes a crash when surprise hot-unplugging a PCI device. This crash<br /> happens because during hot-unplug __iommu_group_set_domain_nofail()<br /> attaching the default domain fails when the platform no longer<br /> recognizes the device as it has already been removed and we end up with<br /> a NULL domain pointer and UAF. This is exactly the case referred to in<br /> the second comment in __iommu_device_set_domain() and just as stated<br /> there if we can instead attach the blocking domain the UAF is prevented<br /> as this can handle the already removed device. Implement the blocking<br /> domain to use this handling. With this change, the crash is fixed but<br /> we still hit a warning attempting to change DMA ownership on a blocked<br /> device.