PT-2023-8793 · Linux+2 · Linux Kernel+2

Jinjie Ruan · Published 2023-09-22 · Updated 2024-12-11 · CVE-2023-52570

CVSS v3.1: 5.5 Medium

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.6.0-rc2+

Description

The issue is a null-ptr-deref bug in the mdev_unregister_parent() function. When probing mdpy.ko, if kstrdup() of create_dir() fails, the error is not propagated: 0 is returned and the probe succeeds. When mdpy.ko is later removed with rmmod, mdpy_dev_exit() calls mdev_unregister_parent(), which may cause a null-ptr-deref when traversing uninitialized parent->types[i] in parent_remove_sysfs_files(). This can lead to a general protection fault.

To fix the issue, the code should return the error code and call kset_unregister() when mdev_type_add() fails.
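The error-handling flaw described above, as an added userspace C model (not kernel source and not code from the advisory): the parent is reduced to per-type flags, and `fail_at`, `type_added`, `fixed` and `load_then_unload()` are hypothetical names introduced for illustration. The `fixed` switch toggles between swallowing the error and returning it.

```c
/* Userspace model constructed for illustration; not kernel source. */
#include <errno.h>
#include <stdio.h>
#define NR_TYPES 3

struct mdev_parent {
    int type_added[NR_TYPES];   /* 1 once the type's sysfs state exists */
    int fail_at;                /* index whose modelled kstrdup() fails, -1 = none */
};

static int mdev_type_add(struct mdev_parent *p, int i)
{
    if (i == p->fail_at)
        return -ENOMEM;         /* allocation failure inside create_dir() */
    p->type_added[i] = 1;
    return 0;
}

/* fixed == 0 swallows the error as the advisory describes; fixed == 1 returns it. */
static int parent_create_sysfs_files(struct mdev_parent *p, int fixed)
{
    int i, ret;
    for (i = 0; i < NR_TYPES; i++)
        if ((ret = mdev_type_add(p, i)) != 0)
            goto out_err;
    return 0;
out_err:
    while (--i >= 0)
        p->type_added[i] = 0;   /* unwind the types already added */
    return fixed ? ret : 0;     /* the fixed path also calls kset_unregister() */
}

/* Load then rmmod: -1 if load fails, else count of types removed without setup. */
static int load_then_unload(int fail_at, int fixed)
{
    struct mdev_parent p = { .fail_at = fail_at };
    int i, unsafe = 0;
    if (parent_create_sysfs_files(&p, fixed))
        return -1;              /* module never loads, exit path never runs */
    for (i = 0; i < NR_TYPES; i++)
        unsafe += !p.type_added[i];
    return unsafe;
}

int main(void)
{
    printf("pre-fix: %d, fixed: %d\n", load_then_unload(1, 0), load_then_unload(1, 1));
    return 0;
}
```

With the error swallowed, the module loads and the unload path later walks types that were never set up; with the error returned, the load fails and the unload path is never reached.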
Recommendations

To resolve the issue, update the Linux kernel to a version that includes the fix for the null-ptr-deref bug in mdev_unregister_parent(). As a temporary workaround, consider disabling the mdev_unregister_parent() function until a patch is available.

Weakness Enumeration

NULL Pointer Dereference
Use of Uninitialized Resource
Access of Uninitialized Pointer

Related Identifiers

BDU:2024-01933
CVE-2023-52570

Affected Products

Astra Linux
Linux Kernel
Red Os