CVE-2023-54186

EUVD-2023-60455
In the Linux kernel, the following vulnerability has been resolved:

usb: typec: altmodes/displayport: fix pin_assignment_show

This patch fixes negative indexing of buf array in pin_assignment_show
when get_current_pin_assignments returns 0 i.e. no compatible pin
assignments are found.

BUG: KASAN: use-after-free in pin_assignment_show+0x26c/0x33c
...
Call trace:
dump_backtrace+0x110/0x204
dump_stack_lvl+0x84/0xbc
print_report+0x358/0x974
kasan_report+0x9c/0xfc
__do_kernel_fault+0xd4/0x2d4
do_bad_area+0x48/0x168
do_tag_check_fault+0x24/0x38
do_mem_abort+0x6c/0x14c
el1_abort+0x44/0x68
el1h_64_sync_handler+0x64/0xa4
el1h_64_sync+0x78/0x7c
pin_assignment_show+0x26c/0x33c
dev_attr_show+0x50/0xc0
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
UNKNOWN
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 10%
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
6.1.148-1
fixed
bookworm (security)
6.1.158-1
fixed
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.247-1
fixed
forky
6.17.13-1
fixed
sid
6.17.13-1
fixed
trixie
6.12.57-1
fixed
trixie (security)
6.12.48-1
fixed
References
https://git.kernel.org/stable/c/08bd1be1c716fd50a7df48f82dcbc59a103082b5
https://git.kernel.org/stable/c/0e61a7432fcd4bca06f05b7f1c7d7cb461880fe2
https://git.kernel.org/stable/c/4f9c0a7c272626cb6716ffc7800e8c73260cdce6
https://git.kernel.org/stable/c/54ee23e4ab263a495ace1eed43d3883212ece17f
https://git.kernel.org/stable/c/d8f28269dd4bf9b55c3fb376ae31512730a96fce
https://git.kernel.org/stable/c/fc0e18f95c88435bd8a1ceb540243cd7fbcd9781
https://git.kernel.org/stable/c/ff466f77d0a56719979c4234abd412abd98eae8f