CVE-2023-53814

*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> PCI: Fix dropping valid root bus resources with .end = zero<br /> <br /> On r8a7791/koelsch:<br /> <br /> kmemleak: 1 new suspected memory leaks (see /sys/kernel/debug/kmemleak)<br /> # cat /sys/kernel/debug/kmemleak<br /> unreferenced object 0xc3a34e00 (size 64):<br /> comm "swapper/0", pid 1, jiffies 4294937460 (age 199.080s)<br /> hex dump (first 32 bytes):<br /> b4 5d 81 f0 b4 5d 81 f0 c0 b0 a2 c3 00 00 00 00 .]...]..........<br /> 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................<br /> backtrace:<br /> [] __kmalloc+0xf0/0x140<br /> [] resource_list_create_entry+0x18/0x38<br /> [] pci_add_resource_offset+0x20/0x68<br /> [] devm_of_pci_get_host_bridge_resources.constprop.0+0xb0/0x390<br /> <br /> When coalescing two resources for a contiguous aperture, the second<br /> resource is enlarged to cover the full contiguous range, while the first<br /> resource is marked invalid. This invalidation is done by clearing the<br /> flags, start, and end members.<br /> <br /> When adding the initial resources to the bus later, invalid resources are<br /> skipped. Unfortunately, the check for an invalid resource considers only<br /> the end member, causing false positives.<br /> <br /> E.g. on r8a7791/koelsch, root bus resource 0 ("bus 00") is skipped, and no<br /> longer registered with pci_bus_insert_busn_res() (causing the memory leak),<br /> nor printed:<br /> <br /> pci-rcar-gen2 ee090000.pci: host bridge /soc/pci@ee090000 ranges:<br /> pci-rcar-gen2 ee090000.pci: MEM 0x00ee080000..0x00ee08ffff -&gt; 0x00ee080000<br /> pci-rcar-gen2 ee090000.pci: PCI: revision 11<br /> pci-rcar-gen2 ee090000.pci: PCI host bridge to bus 0000:00<br /> -pci_bus 0000:00: root bus resource [bus 00]<br /> pci_bus 0000:00: root bus resource [mem 0xee080000-0xee08ffff]<br /> <br /> Fix this by only skipping resources where all of the flags, start, and end<br /> members are zero.