CVE-2023-53217
Severity:
Pending analysis
Type:
Not available / Other type
Publication date:
15/09/2025
Last modified:
15/09/2025
Description
In the Linux kernel, the following vulnerability has been resolved:

nubus: Partially revert proc_create_single_data() conversion

The conversion to proc_create_single_data() introduced a regression
whereby reading a file in /proc/bus/nubus results in a seg fault:

    # grep -r . /proc/bus/nubus/e/
    Data read fault at 0x00000020 in Super Data (pc=0x1074c2)
    BAD KERNEL BUSERR
    Oops: 00000000
    Modules linked in:
    PC: [] PDE_DATA+0xc/0x16
    SR: 2010 SP: 38284958 a2: 01152370
    d0: 00000001 d1: 01013000 d2: 01002790 d3: 00000000
    d4: 00000001 d5: 0008ce2e a0: 00000000 a1: 00222a40
    Process grep (pid: 45, task=142f8727)
    Frame format=B ssw=074d isc=2008 isb=4e5e daddr=00000020 dobuf=01199e70
    baddr=001074c8 dibuf=ffffffff ver=f
    Stack from 01199e48:
    01199e70 00222a58 01002790 00000000 011a3000 01199eb0 015000c0 00000000
    00000000 01199ec0 01199ec0 000d551a 011a3000 00000001 00000000 00018000
    d003f000 00000003 00000001 0002800d 01052840 01199fa8 c01f8000 00000000
    00000029 0b532b80 00000000 00000000 00000029 0b532b80 01199ee4 00103640
    011198c0 d003f000 00018000 01199fa8 00000000 011198c0 00000000 01199f4c
    000b3344 011198c0 d003f000 00018000 01199fa8 00000000 00018000 011198c0
    Call Trace: [] nubus_proc_rsrc_show+0x18/0xa0
    [] seq_read+0xc4/0x510
    [] fp_fcos+0x2/0x82
    [] __sys_setreuid+0x115/0x1c6
    [] proc_reg_read+0x5c/0xb0
    [] fp_fcos+0x2/0x82
    [] __vfs_read+0x2c/0x13c
    [] fp_fcos+0x2/0x82
    [] fp_fcos+0x2/0x82
    [] sys_statx+0x60/0x7e
    [] vfs_read+0x62/0x12a
    [] fp_fcos+0x2/0x82
    [] fp_fcos+0x2/0x82
    [] ksys_read+0x48/0xbe
    [] fp_fcos+0x2/0x82
    [] sys_read+0x16/0x1a
    [] fp_fcos+0x2/0x82
    [] syscall+0x8/0xc
    [] fp_fcos+0x2/0x82
    [] not_ext+0xa/0x18
    Code: 4e5e 4e75 4e56 0000 206e 0008 2068 ffe8 0020 2008 4e5e 4e75 4e56 0000 2f0b 206e 0008 2068 0004 2668 0020 206b ffe8
    Disabling lock debugging due to kernel taint

    Segmentation fault

The proc_create_single_data() conversion does not work because
single_open(file, nubus_proc_rsrc_show, PDE_DATA(inode)) is not
equivalent to the original code.
Impact
References to solutions, tools and information
- https://git.kernel.org/stable/c/0e96647cff9224db564a1cee6efccb13dbe11ee2
- https://git.kernel.org/stable/c/67e3b5230cefed1eca470c460a2035f02986cebb
- https://git.kernel.org/stable/c/9877533e1401dbbb2c7da8badda05d196aa07623
- https://git.kernel.org/stable/c/a03f2f4bd49030f57849227be9ba38a3eb1edb61
- https://git.kernel.org/stable/c/c06edf13f4cf7f9e8ff4bc6f7e951e4f074dc105
- https://git.kernel.org/stable/c/f70407e8e0272e00d133c5e039168ff1bae6bcac



