Linux Kernel Vulnerability in cxl/pmem: Affected by nvdimm Registration Races
CVE-2023-54323
What is CVE-2023-54323?
A race condition in the nvdimm registration process within the Linux kernel's cxl/pmem component can lead to a kernel NULL pointer dereference. This typically manifests when executing repeated modprobe commands, resulting in a crash due to improper synchronization during nvdimm device registration. The issue arises when the asynchronous registration process does not complete before the context required for handling commands is torn down, leading to potential system instability. To resolve this, a synchronous registration path has been introduced, ensuring proper execution order and system reliability.
Affected Version(s)
Linux 21083f51521fb0f60dbac591f175c3ed48435af4
Linux 21083f51521fb0f60dbac591f175c3ed48435af4 < 18c65667fa9104780eeaa0dc1bc240f0c2094772
Linux 21083f51521fb0f60dbac591f175c3ed48435af4