CVE-2023-52802 - Resolving Linux Kernel Vulnerability in "iio: adc: stm32-adc" against NULL Pointer Dereference

A vulnerability in the Linux kernel's "iio: adc: stm32-adc" module has been addressed. It involves a potential NULL pointer dereference in the stm32_adc_probe() function. Although there is no known practical way to trigger it as of now, hardening the code is crucial to mitigate future risks.

Resolution Details

The vulnerability was found in stm32_adc_probe(). That function calls of_match_device(), which may fail and return a NULL pointer. To resolve the issue, the code has been hardened with a check that stops the probe before the NULL pointer can be used.

Below is the code snippet that shows the changes made to fix the vulnerability:

diff --git a/drivers/iio/adc/stm32-adc.c b/drivers/iio/adc/stm32-adc.c
index 9afd5..8ac27 100644
--- a/drivers/iio/adc/stm32-adc.c
+++ b/drivers/iio/adc/stm32-adc.c
@@ -1444,10 +1444,12 @@ static int stm32_adc_probe(struct platform_device *pdev)
                iio_device_unregister(indio_dev);
                return ret;
        }
 
        adcinfo = of_match_device(stm32_match, &pdev->dev);
+       if (!adcinfo)
+               return -EINVAL;
 
        /* Get channels  */
        ret = stm32_adc_core_get_data(pdev->dev.parent, adc->common);
        if (ret)
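
Review bot: the new "if (!adcinfo) return -EINVAL;" returns directly, while the error path visible in the context lines just above it calls iio_device_unregister(indio_dev) before returning. If the device can already be registered when of_match_device() runs, this early return needs the same unwinding as that path; otherwise, moving the match lookup ahead of any registration in stm32_adc_probe() would make the bare return safe. A one-line comment above the check saying when of_match_device() can fail here would also help the next reader.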

This change makes the code robust against a NULL pointer dereference if of_match_device() fails.

Exploit Details

Although there is currently no known method to exploit this vulnerability, it is essential to take proactive measures and harden the code. Adding the check to ensure the pointer is not NULL mitigates the risk of security issues arising in the future. With this change in place, future updates to the Linux kernel that inadvertently provide a way to trigger the condition will not pose a threat to system stability and integrity.

Timeline

Published on: 05/21/2024 16:15:18 UTC
Last modified on: 05/24/2024 01:14:17 UTC