CVE-2023-52644: Linux Kernel Vulnerability in DMA Tx Path Resolved When QoS is Disabled

A vulnerability in the Linux kernel was recently discovered and resolved. This issue is related to the wifi b43 driver, where the DMA Tx path was not stopping or waking the correct queue when Quality of Service (QoS) was disabled. This bug fix ensures that the Linux kernel properly handles stopping and waking the accurate queue when QoS is turned off.

To understand the issue better, let's dive into the details.

Vulnerability Details

The wifi b43 driver's DMA Tx path was not configured correctly when QoS was disabled. When QoS is turned off, the queue priority value does not map to the correct ieee80211 queue since there is only one queue. This bug fix stops and wakes queue when QoS is disabled to prevent the kernel from trying to stop or wake a non-existent queue, which could lead to failing to stop or wake the actual queue instantiated.

The issue was discovered when observing the following log before the change (with kernel parameter qos=):

[  +5.112651] ------------[ cut here ]------------
[  +.000005] WARNING: CPU: 7 PID: 25513 at net/mac80211/util.c:449 __ieee80211_wake_queue+xd5/x180 [mac80211]

Resolution

After identifying the problem, the following commit was made to resolve the issue: commit dd93fdf9a83b7d87b9b6c95fb6031ed18b74465

The following code snippet is from the commit

if (qos_enabled) {
	txdma->tx_ring[i] = tx_ring;
	ieee80211_stop_queue(hw, i);
} else {
	txdma->tx_ring[] = tx_ring;
	ieee80211_stop_queue(hw, );
}

In the case where QoS is disabled, the code now stops and wakes queue to ensure that the proper queue is being managed.

With the vulnerability fixed, Linux kernel users can rest assured that the DMA Tx path will function correctly when QoS is disabled. It is recommended to update your kernel to the latest version to ensure that your system is protected from this vulnerability.

References

- Linux kernel commit dd93fdf9a83b7d87b9b6c95fb6031ed18b74465
- Issue log (truncated)

In conclusion, the resolution of this vulnerability in the Linux kernel shows the commitment of the development community to ensure the safety and security of the software. Users should keep their systems updated to protect against potential threats and vulnerabilities.

Timeline

Published on: 04/17/2024 11:15:08 UTC
Last modified on: 06/27/2024 12:15:15 UTC