Linux Kernel STM32 NAND Controller Overlapping Mappings Vulnerability

Vulnerability

A vulnerability in the Linux kernel's driver for the STM32 FMC2 NAND flash controller has been addressed. The issue was caused by overlapping DMA mappings of the Error Correction Code (ECC) buffer, which the kernel's DMA API does not support. This vulnerability was present in the Linux kernel version 6.1.82.

Impact

The vulnerability could lead to improper handling of DMA (Direct Memory Access) operations, potentially causing data corruption or incorrect ECC processing during NAND flash operations.

Reproduction

The issue can be reproduced by using the STM32 FMC2 NAND flash controller with its default buffer configuration on a kernel built with CONFIG_DMA_API_DEBUG. The overlapping mappings trigger a DMA-API warning reporting a cacheline tracking EEXIST error, which the DMA debug code raises when a second mapping is created over a cacheline still owned by an active mapping, because overlapping mappings are not supported.

Remediation

The vulnerability has been fixed by modifying the NAND controller driver to keep the ECC data in a contiguous, non-cacheable buffer, so that no two DMA mappings overlap. Users should update to a kernel version in which this fix has been applied.
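The following is an added user-space model of the check behind the DMA-API warning named in the Reproduction section, and of why the separate buffer described in the Remediation section avoids it. It is an illustration written for this page, not kernel code and not the STM32 FMC2 driver. It is modelled on the kernel's dma-debug cacheline tracking, which records each live streaming mapping under the cacheline number of its first byte and reports -EEXIST when a second device-writable mapping lands on a cacheline that is still owned; a fixed array stands in for the kernel's radix tree, a 64-byte cacheline is assumed, and all addresses are constructed.

```c
/* Added model of dma-debug's "cacheline tracking EEXIST" check.
 * Not kernel code: the kernel keys live mappings in a radix tree by the
 * cacheline number of each mapping's first byte; this uses a small array
 * and assumes 64-byte cachelines. Addresses used below are constructed. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define CACHELINE_SHIFT 6            /* assumed 64-byte L1 cacheline */
#define MAX_ACTIVE      32
#define ENOENT          2
#define EEXIST          17
#define ENOSPC          28

enum dma_dir { DMA_BIDIRECTIONAL, DMA_TO_DEVICE, DMA_FROM_DEVICE };

struct active_entry {
    int used;
    uint64_t cln;                    /* cacheline number of the first byte */
};

static struct active_entry active[MAX_ACTIVE];

void model_reset(void) { memset(active, 0, sizeof active); }

static uint64_t to_cacheline_number(uint64_t addr)
{
    return addr >> CACHELINE_SHIFT;
}

/* Same rule as the kernel: a TO_DEVICE mapping cannot leave the CPU with
 * stale data, so it is not tracked; any other direction must own its first
 * cacheline exclusively. Returns 0, -EEXIST on overlap, -ENOSPC when full. */
int model_dma_map(uint64_t addr, size_t len, enum dma_dir dir)
{
    uint64_t cln = to_cacheline_number(addr);
    int slot = -1;
    (void)len;                       /* only the first cacheline is tracked */
    if (dir == DMA_TO_DEVICE)
        return 0;
    for (int i = 0; i < MAX_ACTIVE; i++) {
        if (active[i].used && active[i].cln == cln)
            return -EEXIST;          /* the warning case named on this page */
        if (!active[i].used && slot < 0)
            slot = i;
    }
    if (slot < 0)
        return -ENOSPC;
    active[slot].used = 1;
    active[slot].cln = cln;
    return 0;
}

/* Release the tracking entry for a mapping created with model_dma_map. */
int model_dma_unmap(uint64_t addr, enum dma_dir dir)
{
    uint64_t cln = to_cacheline_number(addr);
    if (dir == DMA_TO_DEVICE)
        return 0;
    for (int i = 0; i < MAX_ACTIVE; i++) {
        if (active[i].used && active[i].cln == cln) {
            active[i].used = 0;
            return 0;
        }
    }
    return -ENOENT;
}

/* Overlap case: two live device-writable mappings whose first byte falls in
 * the same cacheline, which is how an overlap on the ECC buffer surfaces to
 * dma-debug. Returns 1 when the model flags the second mapping. */
int scenario_overlapping_ecc(void)
{
    const uint64_t data_buf = 0x10000;          /* constructed */
    const uint64_t ecc_buf  = data_buf;         /* same first cacheline */
    model_reset();
    int rc_data = model_dma_map(data_buf, 4096, DMA_FROM_DEVICE);
    int rc_ecc  = model_dma_map(ecc_buf, 64, DMA_FROM_DEVICE);
    return rc_data == 0 && rc_ecc == -EEXIST;
}

/* Separate-buffer case in the spirit of the remediation: ECC data sits in
 * its own cacheline-aligned region that no other live mapping covers, so
 * both mappings are accepted and the warning does not fire. */
int scenario_separate_ecc(void)
{
    const uint64_t data_buf = 0x10000;          /* constructed */
    const uint64_t ecc_buf  = 0x20000;          /* separate, 64-byte aligned */
    model_reset();
    int rc_data = model_dma_map(data_buf, 4096, DMA_FROM_DEVICE);
    int rc_ecc  = model_dma_map(ecc_buf, 64, DMA_FROM_DEVICE);
    int rc_un   = model_dma_unmap(ecc_buf, DMA_FROM_DEVICE);
    return rc_data == 0 && rc_ecc == 0 && rc_un == 0;
}

int main(void)
{
    printf("overlapping ECC mapping flagged: %s\n",
           scenario_overlapping_ecc() ? "yes" : "no");
    printf("separate ECC mapping accepted:   %s\n",
           scenario_separate_ecc() ? "yes" : "no");
    return 0;
}
```

The point the model makes is that the kernel warning is about ownership of a cacheline, not about buffer sizes: the second mapping is rejected even though it is only 64 bytes long, and the same mapping is accepted once the ECC data has its own cacheline-aligned home. The real check runs only on kernels built with CONFIG_DMA_API_DEBUG, so its absence from dmesg on a production kernel is not evidence that the mappings are disjoint.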

Added: Oct 1, 2025, 8:38 AM
Updated: Oct 1, 2025, 8:38 AM

Vulnerability Rating

Custom Algorithm

spread          9.0
impact          2.5
exploitability  4.3
remediation     7.7
relevance       0.6
threat          4.8
urgency         2.9
incentive       1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.