CVE-2023-52792

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to the cxl region attach() function in the Linux kernel, which can lead to a denial of service when cxl region setup targets() fails. This failure prevents endpoint and switch decoder resources from being reused, resulting in future dpa size store() calls returning -EBUSY and commit errors associated with the upstream switch. The proper cleanup for this case is to just return immediately, allowing resources to be cleaned up normally when the failed region is deleted. A new check has been added to prevent a p->targets[] array overflow.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.