CVE-2023-53856

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
09/12/2025
Last modified:
09/12/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

of: overlay: Call of_changeset_init() early

When of_overlay_fdt_apply() fails, the changeset may be partially applied, and the caller is still expected to call of_overlay_remove() to clean up this partial state.

However, of_overlay_apply() calls of_resolve_phandles() before init_overlay_changeset(). Hence if the overlay fails to apply due to an unresolved symbol, the overlay_changeset.cset.entries list is still uninitialized, and cleanup will crash with a NULL-pointer dereference in overlay_removal_is_ok().

Fix this by moving the call to of_changeset_init() from init_overlay_changeset() to of_overlay_fdt_apply(), where all other early initialization is done.
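The ordering problem described above, as a user-space model added here for illustration; it is not kernel code and not part of the original record. The types and the functions changeset_init, resolve_phandles, overlay_apply, removal_walk and demo are hypothetical stand-ins, and the NULL check in removal_walk marks the point where the kernel, which has no such check, would dereference NULL.

```c
#include <stdio.h>
#include <stdlib.h>

/* Simplified model of a changeset with an intrusive list head (assumed layout). */
struct list_head { struct list_head *next, *prev; };
struct changeset { struct list_head entries; };

static void changeset_init(struct changeset *cs)
{
    /* An initialized empty list points at itself, never at NULL. */
    cs->entries.next = cs->entries.prev = &cs->entries;
}

/* Stand-in for phandle resolution failing on an unresolved symbol. */
static int resolve_phandles(int symbol_known) { return symbol_known ? 0 : -1; }

/* Apply path. init_early = 0 models the old ordering, 1 the fixed ordering. */
static struct changeset *overlay_apply(int symbol_known, int init_early)
{
    struct changeset *cs = calloc(1, sizeof(*cs)); /* zeroed allocation */
    if (!cs) return NULL;
    if (init_early) changeset_init(cs);
    if (resolve_phandles(symbol_known)) return cs; /* failed; caller still cleans up */
    if (!init_early) changeset_init(cs);           /* old ordering: reached too late */
    return cs;
}

/* Cleanup walk: entry count, or -1 where an unguarded walk would hit NULL. */
static int removal_walk(const struct changeset *cs)
{
    int n = 0;
    const struct list_head *p = cs->entries.next;
    if (!p) return -1; /* zeroed list head: never initialized */
    for (; p != &cs->entries; p = p->next) n++;
    return n;
}

/* Apply, then always run cleanup, as the caller is expected to do. */
static int demo(int symbol_known, int init_early)
{
    struct changeset *cs = overlay_apply(symbol_known, init_early);
    if (!cs) return -2;
    int walked = removal_walk(cs);
    free(cs);
    return walked;
}

int main(void) { printf("old=%d fixed=%d\n", demo(0, 0), demo(0, 1)); return 0; }
```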

Impact