CVE-2023-52860

Name	CVE-2023-52860
Description	In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi: use cpuhp_state_remove_instance_nocalls() for hisi_hns3_pmu uninit process When tearing down a 'hisi_hns3' PMU, we mistakenly run the CPU hotplug callbacks after the device has been unregistered, leading to fireworks when we try to execute empty function callbacks within the driver: \| Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000 \| CPU: 0 PID: 15 Comm: cpuhp/0 Tainted: G W O 5.12.0-rc4+ #1 \| Hardware name: , BIOS KpxxxFPGA 1P B600 V143 04/22/2021 \| pstate: 80400009 (Nzcv daif +PAN -UAO -TCO BTYPE=--) \| pc : perf_pmu_migrate_context+0x98/0x38c \| lr : perf_pmu_migrate_context+0x94/0x38c \| \| Call trace: \| perf_pmu_migrate_context+0x98/0x38c \| hisi_hns3_pmu_offline_cpu+0x104/0x12c [hisi_hns3_pmu] Use cpuhp_state_remove_instance_nocalls() instead of cpuhp_state_remove_instance() so that the notifiers don't execute after the PMU device has been unregistered. [will: Rewrote commit message]
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
linux (PTS)	buster	4.19.249-2	fixed
	buster (security)	4.19.304-1	fixed
	bullseye	5.10.209-2	fixed
	bullseye (security)	5.10.218-1	fixed
	bookworm	6.1.76-1	fixed
	bookworm (security)	6.1.90-1	fixed
	sid, trixie	6.8.12-1	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version
linux	source	buster	(not affected)
linux	source	bullseye	(not affected)
linux	source	bookworm	6.1.64-1
linux	source	(unstable)	6.6.8-1

Notes

[bullseye] - linux <not-affected> (Vulnerable code not present)
[buster] - linux <not-affected> (Vulnerable code not present)
https://git.kernel.org/linus/50b560783f7f71790bcf70e9e9855155fb0af8c1 (6.7-rc1)