PT-2025-53172 · Linux · Linux Kernel

Published 2023-08-25 · Updated 2026-03-24 · CVE-2023-54095

CVSS v2.0: 4.6 (Medium)

Vector: AV:L/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The Linux kernel contains a flaw in the powerpc/iommu subsystem related to the sharing of notifiers between the PCI and VIO buses. The fail_iommu_setup() function registers the same fail_iommu_bus_notifier struct on both the PCI and VIO buses. Because a notifier block is itself a linked list node, any notifier later registered on one bus type also ends up registered on the other. This leads to incorrect function calls and memory access errors, specifically observed in the vgaarb code, where pci_notify() is called on a VIO device. The result is a bad access within the vga_arbiter_add_pci_device() function. The issue is fixed by creating separate notifier block structs for each bus type.

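The shared-node effect described above, modeled in user space as an added example (not kernel code and not part of the original advisory). The notifier block is reduced to a callback and a next pointer, and chain_register, chain_call and vio_event_reaches_pci_callback are illustrative names.

```c
#include <stdio.h>

enum bus { BUS_PCI, BUS_VIO };
struct device { enum bus bus; };

/* Simplified model of a kernel notifier block: the struct IS the list node. */
struct notifier_block {
    void (*call)(struct device *dev);
    struct notifier_block *next;
};

static int wrong_bus_calls; /* PCI-only callback invoked for a non-PCI device */
static void fail_iommu_cb(struct device *dev) { (void)dev; }
static void pci_only_cb(struct device *dev) { if (dev->bus != BUS_PCI) wrong_bus_calls++; }

/* Append at the chain tail, which is where an equal-priority block lands. */
static void chain_register(struct notifier_block **head, struct notifier_block *n)
{
    while (*head)
        head = &(*head)->next;
    n->next = NULL;
    *head = n;
}

static void chain_call(struct notifier_block *nb, struct device *dev)
{
    for (; nb; nb = nb->next)
        nb->call(dev);
}

/* Returns how many times the PCI-only callback ran for a VIO device event. */
int vio_event_reaches_pci_callback(int share_block)
{
    struct notifier_block *pci_chain = NULL, *vio_chain = NULL;
    struct notifier_block fail_pci = { fail_iommu_cb, NULL };
    struct notifier_block fail_vio = { fail_iommu_cb, NULL };
    struct notifier_block pci_only = { pci_only_cb, NULL };
    struct device vio_dev = { BUS_VIO };

    chain_register(&pci_chain, &fail_pci);
    /* Buggy pattern: the same node goes on both chains. Fixed: one node per bus. */
    chain_register(&vio_chain, share_block ? &fail_pci : &fail_vio);
    chain_register(&pci_chain, &pci_only); /* a later PCI-only registration */
    wrong_bus_calls = 0;
    chain_call(vio_chain, &vio_dev);
    return wrong_bus_calls;
}

int main(void)
{
    printf("shared: %d\n", vio_event_reaches_pci_callback(1));
    printf("separate: %d\n", vio_event_reaches_pci_callback(0));
    return 0;
}
```

With the shared block, the VIO chain's only node is also the PCI chain's first node, so the later PCI registration becomes reachable from the VIO chain head. With one block per bus the chains stay disjoint.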
Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Weakness Enumeration

Out of bounds Read

Related Identifiers

BDU:2026-01233
CVE-2023-54095
RHSA-2024:9315
SUSE-SU-2026:0263-1
SUSE-SU-2026:0278-1
SUSE-SU-2026:0281-1
SUSE-SU-2026:0293-1
SUSE-SU-2026:0315-1
SUSE-SU-2026:0316-1
SUSE-SU-2026:0317-1
SUSE-SU-2026:0411-1
SUSE-SU-2026:0617-1
SUSE-SU-2026:20477-1
SUSE-SU-2026:20498-1
SUSE-SU-2026:20845-1
SUSE-SU-2026:20876-1

Affected Products

Linux Kernel