Linux Kernel CXL/RAS CPER Handler Vulnerability Leading to Device Confusion

Vulnerability

A vulnerability in the Linux kernel's CXL/RAS component has been addressed. It stemmed from the CPER handler's incorrect assumptions about device types and driver bindings. The function 'cxl_cper_handle_prot_err()' presumed that endpoints named in the error record were CXL-type-3 devices and that they were bound to the 'cxl_pci' driver. Additionally, it held the device lock during switch-port tracing unnecessarily, which could lead to crashes. The fix ensures that the PCIe endpoint is a 'cxl_memdev' before relying on driver data, and moves the lock to only where it is needed. This update also prepares the implementation for CXL accelerators that do not use the 'cxl_pci' driver.
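
A simplified userspace model of the corrected flow described above, added here as an illustration and not the kernel's code: all types, function names and the 'accel_drv' driver name are hypothetical. It checks the device kind and binding before interpreting driver data, and takes the device lock only on the endpoint path.

```c
#include <stddef.h>
#include <stdio.h>

/* Userspace model only: every type and function name below is hypothetical. */
enum dev_kind { KIND_CXL_MEMDEV, KIND_OTHER };
enum port_type { PORT_SWITCH, PORT_ENDPOINT };
enum result { TRACED_FROM_RECORD, TRACED_MEMDEV, SKIPPED_NOT_MEMDEV, SKIPPED_UNBOUND };

struct memdev_state { unsigned long serial; };  /* layout owned by one driver */
struct prot_err_record { enum port_type port; };
struct device {
    enum dev_kind kind;   /* what the endpoint really is */
    const char *driver;   /* bound driver name, NULL when unbound */
    void *drvdata;        /* opaque: meaning depends on the bound driver */
    int lock_count;       /* times the device lock was taken (for inspection) */
};

static unsigned long last_serial;  /* stands in for the emitted trace event */
static void device_lock(struct device *d)   { d->lock_count++; }
static void device_unlock(struct device *d) { (void)d; }

/* Validate the device before interpreting drvdata; lock only where needed. */
enum result handle_prot_err(struct device *dev, const struct prot_err_record *rec)
{
    enum result r;
    if (rec->port != PORT_ENDPOINT)   /* switch port: no lock, no drvdata */
        return TRACED_FROM_RECORD;

    device_lock(dev);                 /* keeps the binding stable while reading */
    if (dev->kind != KIND_CXL_MEMDEV)
        r = SKIPPED_NOT_MEMDEV;       /* e.g. an accelerator with its own driver */
    else if (dev->driver == NULL || dev->drvdata == NULL)
        r = SKIPPED_UNBOUND;
    else {
        last_serial = ((struct memdev_state *)dev->drvdata)->serial;
        r = TRACED_MEMDEV;
    }
    device_unlock(dev);
    return r;
}

int main(void)
{
    char accel_private[4] = "abc";    /* constructed: not a memdev_state */
    struct device accel = { KIND_OTHER, "accel_drv", accel_private, 0 };
    struct prot_err_record ep = { PORT_ENDPOINT };
    printf("accelerator endpoint -> %d\n", handle_prot_err(&accel, &ep));
    return 0;
}
```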

Impact

The vulnerability could cause system crashes due to incorrect handling of device error records, particularly when CXL-type-3 devices are not properly verified or managed.

Added: Jul 9, 2025, 11:41 AM
Updated: Jul 9, 2025, 11:41 AM

Vulnerability Rating

Custom Algorithm

spread: 9.0
impact: 2.5
exploitability: 4.0
remediation: 0.0
relevance: 0.2
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.