CVE-2023-22998: 
Linux Kernel vulnerability analysis and mitigation

CVE-2023-22998 was discovered in the Linux kernel before version 6.0.3, specifically affecting the drivers/gpu/drm/virtio/virtgpuobject.c component. The vulnerability was identified as a misinterpretation of the drmgemshmemgetsgtable return value, where the code expected it to be NULL in error cases, whereas it actually returns an error pointer (Debian Security).

The vulnerability stems from an incorrect error check in the virtio-gpu GPU driver. The issue occurs in the virtiogpuobjectshmeminit function where the code incorrectly checks for a NULL return value instead of using ISERR() to check for error pointers returned by drmgemshmemgetsgtable(). This was fixed by properly checking for error pointers using ISERR() and returning the appropriate error code using PTRERR() (GitHub Commit).

A local user with access to a virtio-gpu device might be able to exploit this vulnerability to cause a denial of service condition through system crashes (Debian Security).

The vulnerability has been fixed in Linux kernel version 6.0.3 and later. The fix involves properly checking for error pointers using IS_ERR() instead of checking for NULL. Various Linux distributions have backported the fix to their supported kernel versions. For example, Ubuntu has fixed it in versions 5.19.0-28.29 for 22.10 and 5.15.0-60.66 for 22.04 LTS (Ubuntu Security).