CVE-2023-52449: mtd: Fix gluebi NULL pointer dereference caused by ftl notifier

First published: Thu Feb 22 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: mtd: Fix gluebi NULL pointer dereference caused by ftl notifier If both ftl.ko and gluebi.ko are loaded, the notifier of ftl triggers NULL pointer dereference when trying to access ‘gluebi->desc’ in gluebi_read(). ubi_gluebi_init ubi_register_volume_notifier ubi_enumerate_volumes ubi_notify_all gluebi_notify nb->notifier_call() gluebi_create mtd_device_register mtd_device_parse_register add_mtd_device blktrans_notify_add not->add() ftl_add_mtd tr->add_mtd() scan_header mtd_read mtd_read_oob mtd_read_oob_std gluebi_read mtd->read() gluebi->desc - NULL Detailed reproduction information available at the Link [1], In the normal case, obtain gluebi->desc in the gluebi_get_device(), and access gluebi->desc in the gluebi_read(). However, gluebi_get_device() is not executed in advance in the ftl_add_mtd() process, which leads to NULL pointer dereference. The solution for the gluebi module is to run jffs2 on the UBI volume without considering working with ftl or mtdblock [2]. Therefore, this problem can be avoided by preventing gluebi from creating the mtdblock device after creating mtd partition of the type MTD_UBIVOLUME.

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Software	Affected Version	How to fix
Linux Linux kernel	>=2.6.31<4.19.306
Linux Linux kernel	>=4.20<5.4.268
Linux Linux kernel	>=5.5.0<5.10.209
Linux Linux kernel	>=5.11.0<5.15.148
Linux Linux kernel	>=5.16.0<6.1.75
Linux Linux kernel	>=6.2.0<6.6.14
Linux Linux kernel	>=6.7.0<6.7.2
ubuntu/linux	<4.15.0-227.239	4.15.0-227.239
ubuntu/linux	<5.4.0-176.196	5.4.0-176.196
ubuntu/linux	<5.15.0-102.112	5.15.0-102.112
ubuntu/linux	<6.5.0-41.41	6.5.0-41.41
ubuntu/linux	<6.8~	6.8~
ubuntu/linux	<4.4.0-257.291	4.4.0-257.291
ubuntu/linux-aws	<4.15.0-1170.183	4.15.0-1170.183
ubuntu/linux-aws	<5.4.0-1122.132	5.4.0-1122.132
ubuntu/linux-aws	<5.15.0-1057.63	5.15.0-1057.63
ubuntu/linux-aws	<6.5.0-1021.21	6.5.0-1021.21
ubuntu/linux-aws	<4.4.0-1134.140	4.4.0-1134.140
ubuntu/linux-aws	<6.8~	6.8~
ubuntu/linux-aws	<4.4.0-1172.187	4.4.0-1172.187
ubuntu/linux-aws-5.15	<5.15.0-1057.63~20.04.1	5.15.0-1057.63~20.04.1
ubuntu/linux-aws-5.15	<6.8~	6.8~
ubuntu/linux-aws-5.4	<5.4.0-1122.132~18.04.1	5.4.0-1122.132~18.04.1
ubuntu/linux-aws-5.4	<6.8~	6.8~
ubuntu/linux-aws-6.5	<6.8~	6.8~
ubuntu/linux-aws-fips	<6.8~	6.8~
ubuntu/linux-aws-hwe	<6.8~	6.8~
ubuntu/linux-aws-hwe	<4.15.0-1170.183~16.04.1	4.15.0-1170.183~16.04.1
ubuntu/linux-azure	<5.4.0-1127.134	5.4.0-1127.134
ubuntu/linux-azure	<5.15.0-1060.69	5.15.0-1060.69
ubuntu/linux-azure	<6.5.0-1022.23	6.5.0-1022.23
ubuntu/linux-azure	<4.15.0-1179.194~14.04.1	4.15.0-1179.194~14.04.1
ubuntu/linux-azure	<6.8~	6.8~
ubuntu/linux-azure	<4.15.0-1179.194~16.04.1	4.15.0-1179.194~16.04.1
ubuntu/linux-azure-4.15	<4.15.0-1179.194	4.15.0-1179.194
ubuntu/linux-azure-4.15	<6.8~	6.8~
ubuntu/linux-azure-5.15	<5.15.0-1060.69~20.04.1	5.15.0-1060.69~20.04.1
ubuntu/linux-azure-5.15	<6.8~	6.8~
ubuntu/linux-azure-5.4	<5.4.0-1127.134~18.04.1	5.4.0-1127.134~18.04.1
ubuntu/linux-azure-5.4	<6.8~	6.8~
ubuntu/linux-azure-6.5	<6.5.0-1022.23~22.04.1	6.5.0-1022.23~22.04.1
ubuntu/linux-azure-6.5	<6.8~	6.8~
ubuntu/linux-azure-fde	<5.15.0-1060.69.1	5.15.0-1060.69.1
ubuntu/linux-azure-fde	<6.8~	6.8~
ubuntu/linux-azure-fde-5.15	<5.15.0-1060.69~20.04.1.1	5.15.0-1060.69~20.04.1.1
ubuntu/linux-azure-fde-5.15	<6.8~	6.8~
ubuntu/linux-azure-fips	<6.8~	6.8~
ubuntu/linux-bluefield	<5.4.0-1082.89	5.4.0-1082.89
ubuntu/linux-bluefield	<6.8~	6.8~
ubuntu/linux-fips	<6.8~	6.8~
ubuntu/linux-gcp	<5.4.0-1126.135	5.4.0-1126.135
ubuntu/linux-gcp	<5.15.0-1055.63	5.15.0-1055.63
ubuntu/linux-gcp	<6.5.0-1022.24	6.5.0-1022.24
ubuntu/linux-gcp	<6.8~	6.8~
ubuntu/linux-gcp	<4.15.0-1164.181~16.04.1	4.15.0-1164.181~16.04.1
ubuntu/linux-gcp-4.15	<4.15.0-1164.181	4.15.0-1164.181
ubuntu/linux-gcp-4.15	<6.8~	6.8~
ubuntu/linux-gcp-5.15	<5.15.0-1055.63~20.04.1	5.15.0-1055.63~20.04.1
ubuntu/linux-gcp-5.15	<6.8~	6.8~
ubuntu/linux-gcp-5.4	<5.4.0-1126.135~18.04.1	5.4.0-1126.135~18.04.1
ubuntu/linux-gcp-5.4	<6.8~	6.8~
ubuntu/linux-gcp-6.5	<6.5.0-1022.24~22.04.1	6.5.0-1022.24~22.04.1
ubuntu/linux-gcp-6.5	<6.8~	6.8~
ubuntu/linux-gcp-fips	<6.8~	6.8~
ubuntu/linux-gke	<5.15.0-1054.59	5.15.0-1054.59
ubuntu/linux-gke	<6.8~	6.8~
ubuntu/linux-gkeop	<5.4.0-1089.93	5.4.0-1089.93
ubuntu/linux-gkeop	<5.15.0-1040.46	5.15.0-1040.46
ubuntu/linux-gkeop	<6.8~	6.8~
ubuntu/linux-gkeop-5.15	<5.15.0-1040.46~20.04.1	5.15.0-1040.46~20.04.1
ubuntu/linux-gkeop-5.15	<6.8~	6.8~
ubuntu/linux-hwe	<6.8~	6.8~
ubuntu/linux-hwe	<4.15.0-227.239~16.04.1	4.15.0-227.239~16.04.1
ubuntu/linux-hwe-5.15	<5.15.0-102.112~20.04.1	5.15.0-102.112~20.04.1
ubuntu/linux-hwe-5.15	<6.8~	6.8~
ubuntu/linux-hwe-5.4	<5.4.0-175.195~18.04.1	5.4.0-175.195~18.04.1
ubuntu/linux-hwe-5.4	<6.8~	6.8~
ubuntu/linux-hwe-6.5	<6.5.0-41.41~22.04.2	6.5.0-41.41~22.04.2
ubuntu/linux-hwe-6.5	<6.8~	6.8~
ubuntu/linux-ibm	<5.4.0-1069.74	5.4.0-1069.74
ubuntu/linux-ibm	<5.15.0-1050.53	5.15.0-1050.53
ubuntu/linux-ibm	<6.8~	6.8~
ubuntu/linux-ibm-5.15	<5.15.0-1050.53~20.04.1	5.15.0-1050.53~20.04.1
ubuntu/linux-ibm-5.15	<6.8~	6.8~
ubuntu/linux-ibm-5.4	<5.4.0-1069.74~18.04.1	5.4.0-1069.74~18.04.1
ubuntu/linux-ibm-5.4	<6.8~	6.8~
ubuntu/linux-intel	<6.8~	6.8~
ubuntu/linux-intel-iot-realtime	<6.8~	6.8~
ubuntu/linux-intel-iotg	<5.15.0-1052.58	5.15.0-1052.58
ubuntu/linux-intel-iotg	<6.8~	6.8~
ubuntu/linux-intel-iotg-5.15	<5.15.0-1052.58~20.04.1	5.15.0-1052.58~20.04.1
ubuntu/linux-intel-iotg-5.15	<6.8~	6.8~
ubuntu/linux-iot	<5.4.0-1034.35	5.4.0-1034.35
ubuntu/linux-iot	<6.8~	6.8~
ubuntu/linux-kvm	<4.15.0-1154.159	4.15.0-1154.159
ubuntu/linux-kvm	<5.4.0-1110.117	5.4.0-1110.117
ubuntu/linux-kvm	<5.15.0-1054.59	5.15.0-1054.59
ubuntu/linux-kvm	<6.8~	6.8~
ubuntu/linux-kvm	<4.4.0-1135.145	4.4.0-1135.145
ubuntu/linux-laptop	<6.5.0-1017.20	6.5.0-1017.20
ubuntu/linux-laptop	<6.8~	6.8~
ubuntu/linux-lowlatency	<5.15.0-102.112	5.15.0-102.112
ubuntu/linux-lowlatency	<6.5.0-41.41.1	6.5.0-41.41.1
ubuntu/linux-lowlatency	<6.8~	6.8~
ubuntu/linux-lowlatency-hwe-5.15	<5.15.0-102.112~20.04.1	5.15.0-102.112~20.04.1
ubuntu/linux-lowlatency-hwe-5.15	<6.8~	6.8~
ubuntu/linux-lowlatency-hwe-6.5	<6.5.0-41.41.1~22.04.1	6.5.0-41.41.1~22.04.1
ubuntu/linux-lowlatency-hwe-6.5	<6.8~	6.8~
ubuntu/linux-lowlatency-hwe-6.8	<6.8~	6.8~
ubuntu/linux-lts-xenial	<4.4.0-257.291~14.04.1	4.4.0-257.291~14.04.1
ubuntu/linux-lts-xenial	<6.8~	6.8~
ubuntu/linux-nvidia	<5.15.0-1048.48	5.15.0-1048.48
ubuntu/linux-nvidia	<6.8~	6.8~
ubuntu/linux-nvidia-6.5	<6.5.0-1021.22	6.5.0-1021.22
ubuntu/linux-nvidia-6.5	<6.8~	6.8~
ubuntu/linux-nvidia-6.8	<6.8~	6.8~
ubuntu/linux-nvidia-lowlatency	<6.8~	6.8~
ubuntu/linux-oem-6.1	<6.1.0-1035.35	6.1.0-1035.35
ubuntu/linux-oem-6.5	<6.5.0-1024.25	6.5.0-1024.25
ubuntu/linux-oem-6.5	<6.8~	6.8~
ubuntu/linux-oem-6.8	<6.8~	6.8~
ubuntu/linux-oracle	<4.15.0-1133.144	4.15.0-1133.144
ubuntu/linux-oracle	<5.4.0-1121.130	5.4.0-1121.130
ubuntu/linux-oracle	<5.15.0-1055.61	5.15.0-1055.61
ubuntu/linux-oracle	<6.5.0-1024.24	6.5.0-1024.24
ubuntu/linux-oracle	<6.8~	6.8~
ubuntu/linux-oracle	<4.15.0-1133.144~16.04.1	4.15.0-1133.144~16.04.1
ubuntu/linux-oracle-5.15	<5.15.0-1055.61~20.04.1	5.15.0-1055.61~20.04.1
ubuntu/linux-oracle-5.15	<6.8~	6.8~
ubuntu/linux-oracle-5.4	<5.4.0-1121.130~18.04.1	5.4.0-1121.130~18.04.1
ubuntu/linux-oracle-5.4	<6.8~	6.8~
ubuntu/linux-oracle-6.5	<6.5.0-1024.24~22.04.1	6.5.0-1024.24~22.04.1
ubuntu/linux-oracle-6.5	<6.8~	6.8~
ubuntu/linux-raspi	<5.4.0-1106.118	5.4.0-1106.118
ubuntu/linux-raspi	<5.15.0-1050.53	5.15.0-1050.53
ubuntu/linux-raspi	<6.5.0-1018.21	6.5.0-1018.21
ubuntu/linux-raspi	<6.8~	6.8~
ubuntu/linux-raspi-5.4	<5.4.0-1106.118~18.04.1	5.4.0-1106.118~18.04.1
ubuntu/linux-raspi-5.4	<6.8~	6.8~
ubuntu/linux-raspi-realtime	<6.8~	6.8~
ubuntu/linux-realtime	<6.8~	6.8~
ubuntu/linux-riscv	<6.5.0-40.40.1	6.5.0-40.40.1
ubuntu/linux-riscv	<6.8~	6.8~
ubuntu/linux-riscv-5.15	<5.15.0-1053.57~20.04.1	5.15.0-1053.57~20.04.1
ubuntu/linux-riscv-5.15	<6.8~	6.8~
ubuntu/linux-riscv-6.5	<6.5.0-40.40.1~22.04.1	6.5.0-40.40.1~22.04.1
ubuntu/linux-riscv-6.5	<6.8~	6.8~
ubuntu/linux-riscv-6.8	<6.8~	6.8~
ubuntu/linux-starfive	<6.5.0-1015.16	6.5.0-1015.16
ubuntu/linux-starfive	<6.8~	6.8~
ubuntu/linux-starfive-6.5	<6.5.0-1015.16~22.04.1	6.5.0-1015.16~22.04.1
ubuntu/linux-starfive-6.5	<6.8~	6.8~
ubuntu/linux-xilinx-zynqmp	<5.4.0-1041.45	5.4.0-1041.45
ubuntu/linux-xilinx-zynqmp	<5.15.0-1030.34	5.15.0-1030.34
ubuntu/linux-xilinx-zynqmp	<6.8~	6.8~
debian/linux		5.10.223-1 6.1.106-3 6.1.99-1 6.10.6-1 6.10.7-1

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

agent/weakness
agent/title
agent/type
collector/launchpad-cve
source/Launchpad
agent/author
agent/first-publish-date
agent/description
agent/severity
agent/remedy
collector/nvd-api
source/NVD
agent/software-canonical-lookup
collector/nvd-cve
agent/last-modified-date
agent/references
collector/mitre-cve
source/MITRE
agent/event
collector/usn-cve
source/Ubuntu
agent/softwarecombine
agent/tags
collector/security-tracker-debian
source/Debian
vendor/linux
canonical/linux linux kernel
version/linux linux kernel/2.6.31
version/linux linux kernel/4.20
version/linux linux kernel/5.5.0
version/linux linux kernel/5.11.0
version/linux linux kernel/5.16.0
version/linux linux kernel/6.2.0
version/linux linux kernel/6.7.0
package-manager/ubuntu
package-manager/debian

CVE-2023-52449: mtd: Fix gluebi NULL pointer dereference caused by ftl notifier

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

Company

Resources

Contact