CVE-2023-52864

Severity CVSS v4.0: Pending analysis
Type: CWE-787 Out-of-bounds Write
Publication date: 21/05/2024
Last modified: 24/09/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

platform/x86: wmi: Fix opening of char device

Since commit fa1f68db6ca7 ("drivers: misc: pass miscdevice pointer via file private data"), the miscdevice stores a pointer to itself inside filp->private_data, which means that private_data will not be NULL when wmi_char_open() is called. This might cause memory corruption should wmi_char_open() be unable to find its driver, something which can happen when the associated WMI device is deleted in wmi_free_devices().

Fix the problem by using the miscdevice pointer to retrieve the WMI device data associated with a char device using container_of(). This also avoids wmi_char_open() picking a wrong WMI device bound to a driver with the same name as the original driver.
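The two open patterns contrasted in the description, as an added user-space model (not the kernel's code and not part of the original record). The types `wmi_block_model`, `miscdevice` and `file`, their fields, and the functions `misc_core_prepare`, `open_by_name` and `open_by_container` are simplified assumptions made for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <string.h>
/* User-space stand-ins for the kernel types; all field names are assumed. */
struct miscdevice { const char *name; };
struct file { void *private_data; };
struct wmi_block_model {
    const char *driver_name;    /* NULL models "no driver can be found" */
    struct miscdevice char_dev; /* embedded, so container_of() can reach the owner */
};

#define container_of(ptr, type, member) \
    ((type *)((char *)(ptr) - offsetof(type, member)))

/* Models the misc core: private_data already holds the miscdevice at open(). */
void misc_core_prepare(struct file *filp, struct miscdevice *m)
{
    filp->private_data = m;
}

/* Pre-fix pattern: look the device up by driver name, then test for NULL. */
int open_by_name(struct file *filp, struct wmi_block_model *list, size_t n,
                 const char *name)
{
    for (size_t i = 0; i < n; i++)
        if (list[i].driver_name && !strcmp(list[i].driver_name, name)) {
            filp->private_data = &list[i];
            break;
        }
    if (!filp->private_data) /* never true here, so a failed lookup is missed */
        return -ENODEV;
    return 0; /* a caller would now treat private_data as a wmi_block_model */
}

/* Post-fix pattern: derive the owning device from the miscdevice pointer. */
int open_by_container(struct file *filp)
{
    struct miscdevice *m = filp->private_data;
    filp->private_data = container_of(m, struct wmi_block_model, char_dev);
    return 0;
}

int main(void)
{
    struct wmi_block_model b = { NULL, { "constructed" } }; /* sample input */
    struct file f;
    misc_core_prepare(&f, &b.char_dev);
    return open_by_name(&f, &b, 1, "drv") == 0 && f.private_data != &b ? 0 : 1;
}
```

In the model, a failed name lookup still reports success while `private_data` points at the embedded `miscdevice` rather than its owner, which is the type confusion the description warns about.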

Vulnerable products and versions

CPE                                            From               Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*   4.15 (including)   4.19.299 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*   4.20 (including)   5.4.261 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*   5.5 (including)    5.10.201 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*   5.11 (including)   5.15.139 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*   5.16 (including)   6.1.63 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*   6.2 (including)    6.5.12 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*   6.6 (including)    6.6.2 (excluding)