CVE-2023-53640

BUG: KASAN: slab-out-of-bounds in regcacheflatread+0x10c/0x110 Read of size 4 at addr ffffff8088fbf714 by task syz-executor.4/14144 CPU: 6 PID: 14144 Comm: syz-executor.4 Tainted: G W Hardware name: Qualcomm Technologies, Inc. sc7280 CRD platform (rev5+) (DT) Call trace: dumpbacktrace+0x0/0x4ec showstack+0x34/0x50 dumpstacklvl+0xdc/0x11c printaddressdescription+0x30/0x2d8 kasanreport+0x178/0x1e4 _asanreportload4noabort+0x44/0x50 regcacheflatread+0x10c/0x110 regcacheread+0xf8/0x5a0 regmapread+0x45c/0x86c regmapupdatebits+0x128/0x290 regmapupdatebitsbase+0xc0/0x15c sndsoccomponentupdatebits+0xa8/0x22c sndsoccomponentwritefield+0x68/0xd4 txmacroputdecenum+0x1d0/0x268 sndctlelem_write+0x288/0x474

By Error checking and checking valid values issue gets rectifies.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53640.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

c39667ddcfc516fee084e449179d54430a558298

Fixed

8f1512d78b5de928f4616a871e77b58fd546e651

Fixed

8d81d3b0ed3610d24191d24f8e9e20f6775f0cc5

Fixed

f5e61e3fe799ba2fda4320af23d26d28c3302045

Fixed

75e5fab7db0cecb6e16b22c34608f0b40a4c7cd1

Affected versions

v5.*

v5.11

v5.11-rc4

v5.11-rc5

v5.11-rc6

v5.11-rc7

v5.12

v5.12-rc1

v5.12-rc1-dontuse

v5.12-rc2

v5.12-rc3

v5.12-rc4

v5.12-rc5

v5.12-rc6

v5.12-rc7

v5.12-rc8

v5.13

v5.13-rc1

v5.13-rc2

v5.13-rc3

v5.13-rc4

v5.13-rc5

v5.13-rc6

v5.13-rc7

v5.14

v5.14-rc1

v5.14-rc2

v5.14-rc3

v5.14-rc4

v5.14-rc5

v5.14-rc6

v5.14-rc7

v5.15

v5.15-rc1

v5.15-rc2

v5.15-rc3

v5.15-rc4

v5.15-rc5

v5.15-rc6

v5.15-rc7

v5.15.1

v5.15.10

v5.15.100

v5.15.101

v5.15.102

v5.15.103

v5.15.104

v5.15.105

v5.15.106

v5.15.107

v5.15.108

v5.15.109

v5.15.11

v5.15.110

v5.15.111

v5.15.112

v5.15.113

v5.15.12

v5.15.13

v5.15.14

v5.15.15

v5.15.16

v5.15.17

v5.15.18

v5.15.19

v5.15.2

v5.15.20

v5.15.21

v5.15.22

v5.15.23

v5.15.24

v5.15.25

v5.15.26

v5.15.27

v5.15.28

v5.15.29

v5.15.3

v5.15.30

v5.15.31

v5.15.32

v5.15.33

v5.15.34

v5.15.35

v5.15.36

v5.15.37

v5.15.38

v5.15.39

v5.15.4

v5.15.40

v5.15.41

v5.15.42

v5.15.43

v5.15.44

v5.15.45

v5.15.46

v5.15.47

v5.15.48

v5.15.49

v5.15.5

v5.15.50

v5.15.51

v5.15.52

v5.15.53

v5.15.54

v5.15.55

v5.15.56

v5.15.57

v5.15.58

v5.15.59

v5.15.6

v5.15.60

v5.15.61

v5.15.62

v5.15.63

v5.15.64

v5.15.65

v5.15.66

v5.15.67

v5.15.68

v5.15.69

v5.15.7

v5.15.70

v5.15.71

v5.15.72

v5.15.73

v5.15.74

v5.15.75

v5.15.76

v5.15.77

v5.15.78

v5.15.79

v5.15.8

v5.15.80

v5.15.81

v5.15.82

v5.15.83

v5.15.84

v5.15.85

v5.15.86

v5.15.87

v5.15.88

v5.15.89

v5.15.9

v5.15.90

v5.15.91

v5.15.92

v5.15.93

v5.15.94

v5.15.95

v5.15.96

v5.15.97

v5.15.98

v5.15.99

v5.16

v5.16-rc1

v5.16-rc2

v5.16-rc3

v5.16-rc4

v5.16-rc5

v5.16-rc6

v5.16-rc7

v5.16-rc8

v5.17

v5.17-rc1

v5.17-rc2

v5.17-rc3

v5.17-rc4

v5.17-rc5

v5.17-rc6

v5.17-rc7

v5.17-rc8

v5.18

v5.18-rc1

v5.18-rc2

v5.18-rc3

v5.18-rc4

v5.18-rc5

v5.18-rc6

v5.18-rc7

v5.19

v5.19-rc1

v5.19-rc2

v5.19-rc3

v5.19-rc4

v5.19-rc5

v5.19-rc6

v5.19-rc7

v5.19-rc8

v6.*

v6.0

v6.0-rc1

v6.0-rc2

v6.0-rc3

v6.0-rc4

v6.0-rc5

v6.0-rc6

v6.0-rc7

v6.1

v6.1-rc1

v6.1-rc2

v6.1-rc3

v6.1-rc4

v6.1-rc5

v6.1-rc6

v6.1-rc7

v6.1-rc8

v6.1.1

v6.1.10

v6.1.11

v6.1.12

v6.1.13

v6.1.14

v6.1.15

v6.1.16

v6.1.17

v6.1.18

v6.1.19

v6.1.2

v6.1.20

v6.1.21

v6.1.22

v6.1.23

v6.1.24

v6.1.25

v6.1.26

v6.1.27

v6.1.28

v6.1.29

v6.1.3

v6.1.30

v6.1.4

v6.1.5

v6.1.6

v6.1.7

v6.1.8

v6.1.9

v6.2

v6.2-rc1

v6.2-rc2

v6.2-rc3

v6.2-rc4

v6.2-rc5

v6.2-rc6

v6.2-rc7

v6.2-rc8

v6.3

v6.3-rc1

v6.3-rc2

v6.3-rc3

v6.3-rc4

v6.3-rc5

v6.3-rc6

v6.3-rc7

v6.3.1

v6.3.2

v6.3.3

v6.3.4

v6.4-rc1

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53640.json"

vanir_signatures

[
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@75e5fab7db0cecb6e16b22c34608f0b40a4c7cd1",
        "id": "CVE-2023-53640-68a787f3",
        "target": {
            "file": "sound/soc/codecs/lpass-tx-macro.c"
        },
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "78127813273793113422768915049626966801",
                "81649526541132487698575795787809344676",
                "93957431897928210278105546733331790834",
                "106170970412905663255050090959006680608",
                "330910133211631397755680799197248283084",
                "292066337123935038313263628146665313405",
                "7821722450638170902449878838760877133",
                "232871096569632238475293491889450041368"
            ]
        },
        "deprecated": false,
        "signature_type": "Line"
    },
    {
        "id": "CVE-2023-53640-744771bb",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8d81d3b0ed3610d24191d24f8e9e20f6775f0cc5",
        "target": {
            "file": "sound/soc/codecs/lpass-tx-macro.c",
            "function": "tx_macro_put_dec_enum"
        },
        "digest": {
            "function_hash": "316030811821764558214866321161098241578",
            "length": 1255.0
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Function"
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8f1512d78b5de928f4616a871e77b58fd546e651",
        "id": "CVE-2023-53640-82ed5d8b",
        "target": {
            "file": "sound/soc/codecs/lpass-tx-macro.c",
            "function": "tx_macro_put_dec_enum"
        },
        "signature_version": "v1",
        "digest": {
            "function_hash": "316030811821764558214866321161098241578",
            "length": 1255.0
        },
        "deprecated": false,
        "signature_type": "Function"
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8d81d3b0ed3610d24191d24f8e9e20f6775f0cc5",
        "id": "CVE-2023-53640-96ca6356",
        "target": {
            "file": "sound/soc/codecs/lpass-tx-macro.c"
        },
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "78127813273793113422768915049626966801",
                "81649526541132487698575795787809344676",
                "93957431897928210278105546733331790834",
                "106170970412905663255050090959006680608",
                "330910133211631397755680799197248283084",
                "292066337123935038313263628146665313405",
                "7821722450638170902449878838760877133",
                "78612413999003628674101584429282985855"
            ]
        },
        "deprecated": false,
        "signature_type": "Line"
    },
    {
        "id": "CVE-2023-53640-a1074b42",
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f5e61e3fe799ba2fda4320af23d26d28c3302045",
        "target": {
            "file": "sound/soc/codecs/lpass-tx-macro.c"
        },
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "78127813273793113422768915049626966801",
                "81649526541132487698575795787809344676",
                "93957431897928210278105546733331790834",
                "106170970412905663255050090959006680608",
                "330910133211631397755680799197248283084",
                "292066337123935038313263628146665313405",
                "7821722450638170902449878838760877133",
                "232871096569632238475293491889450041368"
            ]
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Line"
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f5e61e3fe799ba2fda4320af23d26d28c3302045",
        "id": "CVE-2023-53640-b70cfe76",
        "target": {
            "file": "sound/soc/codecs/lpass-tx-macro.c",
            "function": "tx_macro_put_dec_enum"
        },
        "digest": {
            "function_hash": "218903522512486350828743873161063027000",
            "length": 1341.0
        },
        "signature_version": "v1",
        "deprecated": false,
        "signature_type": "Function"
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@75e5fab7db0cecb6e16b22c34608f0b40a4c7cd1",
        "id": "CVE-2023-53640-ce9a36b2",
        "target": {
            "file": "sound/soc/codecs/lpass-tx-macro.c",
            "function": "tx_macro_put_dec_enum"
        },
        "signature_version": "v1",
        "digest": {
            "function_hash": "218903522512486350828743873161063027000",
            "length": 1341.0
        },
        "deprecated": false,
        "signature_type": "Function"
    },
    {
        "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@8f1512d78b5de928f4616a871e77b58fd546e651",
        "id": "CVE-2023-53640-f134c568",
        "target": {
            "file": "sound/soc/codecs/lpass-tx-macro.c"
        },
        "signature_version": "v1",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "78127813273793113422768915049626966801",
                "81649526541132487698575795787809344676",
                "93957431897928210278105546733331790834",
                "106170970412905663255050090959006680608",
                "330910133211631397755680799197248283084",
                "292066337123935038313263628146665313405",
                "7821722450638170902449878838760877133",
                "78612413999003628674101584429282985855"
            ]
        },
        "deprecated": false,
        "signature_type": "Line"
    }
]

Git / github.com/gregkh/linux