CVE-2023-53986
Severity:
Pending analysis
Type:
Not Available / Other type
Publication date:
24/12/2025
Last modified:
29/12/2025
Description
In the Linux kernel, the following vulnerability has been resolved:

mips: bmips: BCM6358: disable RAC flush for TP1

RAC flush causes kernel panics on BCM6358 with EHCI/OHCI when booting from TP1:
[ 3.881739] usb 1-1: new high-speed USB device number 2 using ehci-platform
[ 3.895011] Reserved instruction in kernel code[#1]:
[ 3.900113] CPU: 0 PID: 1 Comm: init Not tainted 5.10.16 #0
[ 3.905829] $ 0 : 00000000 10008700 00000000 77d94060
[ 3.911238] $ 4 : 7fd1f088 00000000 81431cac 81431ca0
[ 3.916641] $ 8 : 00000000 ffffefff 8075cd34 00000000
[ 3.922043] $12 : 806f8d40 f3e812b7 00000000 000d9aaa
[ 3.927446] $16 : 7fd1f068 7fd1f080 7ff559b8 81428470
[ 3.932848] $20 : 00000000 00000000 55590000 77d70000
[ 3.938251] $24 : 00000018 00000010
[ 3.943655] $28 : 81430000 81431e60 81431f28 800157fc
[ 3.949058] Hi : 00000000
[ 3.952013] Lo : 00000000
[ 3.955019] epc : 80015808 setup_sigcontext+0x54/0x24c
[ 3.960464] ra : 800157fc setup_sigcontext+0x48/0x24c
[ 3.965913] Status: 10008703 KERNEL EXL IE
[ 3.970216] Cause : 00800028 (ExcCode 0a)
[ 3.974340] PrId : 0002a010 (Broadcom BMIPS4350)
[ 3.979170] Modules linked in: ohci_platform ohci_hcd fsl_mph_dr_of ehci_platform ehci_fsl ehci_hcd gpio_button_hotplug usbcore nls_base usb_common
[ 3.992907] Process init (pid: 1, threadinfo=(ptrval), task=(ptrval), tls=77e22ec8)
[ 4.000776] Stack : 81431ef4 7fd1f080 81431f28 81428470 7fd1f068 81431edc 7ff559b8 81428470
[ 4.009467] 81431f28 7fd1f080 55590000 77d70000 77d5498c 80015c70 806f0000 8063ae74
[ 4.018149] 08100002 81431f28 0000000a 08100002 81431f28 0000000a 77d6b418 00000003
[ 4.026831] ffffffff 80016414 80080734 81431ecc 81431ecc 00000001 00000000 04000000
[ 4.035512] 77d54874 00000000 00000000 00000000 00000000 00000012 00000002 00000000
[ 4.044196] ...
[ 4.046706] Call Trace:
[ 4.049238] [] setup_sigcontext+0x54/0x24c
[ 4.054356] [] setup_frame+0xdc/0x124
[ 4.059015] [] do_notify_resume+0x1dc/0x288
[ 4.064207] [] work_notifysig+0x10/0x18
[ 4.069036]
[ 4.070538] Code: 8fc300b4 00001025 26240008 ac830004 3c048063 0c0228aa 24846a00 26240010
[ 4.080686]
[ 4.082517] ---[ end trace 22a8edb41f5f983b ]---
[ 4.087374] Kernel panic - not syncing: Fatal exception
[ 4.092753] Rebooting in 1 seconds..

Because the bootloader (CFE) is not initializing the Read-ahead cache properly<br />
on the second thread (TP1). Since the RAC was not initialized properly, we<br />
should avoid flushing it at the risk of corrupting the instruction stream as<br />
seen in the trace above.
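
An added example, not part of the kernel commit or of this advisory: log triage for the panic quoted above, decoding ExcCode from the Cause register value and checking the PrId line. The function names and the matching heuristic are assumptions, and SAMPLE is constructed from lines of the trace above.

```python
import re

# Constructed sample: a few lines copied from the panic quoted in the description.
SAMPLE = """\
[ 3.895011] Reserved instruction in kernel code[#1]:
[ 3.955019] epc : 80015808 setup_sigcontext+0x54/0x24c
[ 3.970216] Cause : 00800028 (ExcCode 0a)
[ 3.974340] PrId : 0002a010 (Broadcom BMIPS4350)
[ 4.087374] Kernel panic - not syncing: Fatal exception
"""

RI_EXCCODE = 10  # MIPS Cause.ExcCode value for "Reserved Instruction"

# Timestamp, field name, 8-digit hex value, then the rest of the line.
_FIELD = re.compile(
    r"^\[\s*[\d.]+\]\s*(epc|Cause|PrId)\s*:\s*([0-9a-fA-F]{8})\b\s*(.*)$")

def triage(log_text):
    """Extract the fields that identify this panic from a MIPS oops log."""
    info = {"epc_symbol": None, "exccode": None, "cpu": None, "panic": False}
    for line in log_text.splitlines():
        line = line.replace("<br />", "").rstrip()  # tolerate web-copied logs
        if "Kernel panic - not syncing" in line:
            info["panic"] = True
        m = _FIELD.match(line)
        if not m:
            continue
        name, value, rest = m.group(1), int(m.group(2), 16), m.group(3)
        if name == "epc":
            info["epc_symbol"] = rest.split("+")[0] or None
        elif name == "Cause":
            # ExcCode is bits 6..2 of the CP0 Cause register.
            info["exccode"] = (value >> 2) & 0x1F
        elif name == "PrId":
            info["cpu"] = rest.strip("()") or None
    return info

def matches_signature(info):
    """Heuristic (assumption): RI exception ending in a panic on a BMIPS4350 core."""
    return (info["panic"] and info["exccode"] == RI_EXCCODE
            and info["cpu"] is not None and "BMIPS4350" in info["cpu"])

if __name__ == "__main__":
    result = triage(SAMPLE)
    print(result, matches_signature(result))
```

A match only narrows the search: the log does not record which thread the kernel booted from, so whether the board booted from TP1 has to be confirmed separately.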
Impact
References to solutions, tools and information
- https://git.kernel.org/stable/c/288c96aa5b5526cd4a946e84ef85e165857693b5
- https://git.kernel.org/stable/c/2cdbcff99f15db86a10672fb220379a1ae46ccae
- https://git.kernel.org/stable/c/47a449ec09b4479b89dcc6b27ec3829fc82ffafb
- https://git.kernel.org/stable/c/65b723644294f1d79770704162c0e8d1f700b6f1
- https://git.kernel.org/stable/c/ab327f8acdf8d06601fbf058859a539a9422afff
- https://git.kernel.org/stable/c/d65de5ee8b72868fbbbd39ca73017d0e526fa13a



