Bug 2424957 (CVE-2023-54027) - CVE-2023-54027 kernel: iio: core: Prevent invalid memory access when there is no parent
Summary: CVE-2023-54027 kernel: iio: core: Prevent invalid memory access when there is...
Keywords:
Status: NEW
Alias: CVE-2023-54027
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
unspecified
unspecified
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2025-12-24 12:03 UTC by OSIDB Bzimport
Modified: 2025-12-25 13:08 UTC (History)
0 users

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)

Description OSIDB Bzimport 2025-12-24 12:03:40 UTC 
In the Linux kernel, the following vulnerability has been resolved:

iio: core: Prevent invalid memory access when there is no parent

Commit 813665564b3d ("iio: core: Convert to use firmware node handle
instead of OF node") switched the kind of nodes to use for label
retrieval in device registration.  Probably an unwanted change in that
commit was that if the device has no parent then NULL pointer is
accessed.  This is what happens in the stock IIO dummy driver when a
new entry is created in configfs:

  # mkdir /sys/kernel/config/iio/devices/dummy/foo
  BUG: kernel NULL pointer dereference, address: ...
  ...
  Call Trace:
  __iio_device_register
  iio_dummy_probe

Since there seems to be no reason to make a parent device of an IIO
dummy device mandatory, let’s prevent the invalid memory access in
__iio_device_register when the parent device is NULL.  With this
change, the IIO dummy driver works fine with configfs.
Comment 1 Alexander B 2025-12-25 13:04:34 UTC 
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025122435-CVE-2023-54027-c1a0@gregkh/T
Note You need to log in before you can comment on or make changes to this bug.