CVE-2023-52455: 
Linux Kernel vulnerability analysis and mitigation

CVE-2023-52455 affects the Linux kernel's IOMMU subsystem. The vulnerability was discovered when the bootloader/firmware doesn't setup framebuffers properly, resulting in their address and size being 0 in the 'iommu-addresses' property. This vulnerability affects Linux kernel versions from 6.3.0 up to (excluding) 6.6.14 and from 6.7.0 up to (excluding) 6.7.2 (NVD).

The vulnerability occurs in the IOMMU subsystem where if an IOVA region is reserved with 0 length, it corrupts the IOVA rbtree with an entry that has pfn_hi < pfn_lo. When using a display driver in the kernel without framebuffer, this causes display IOMMU mappings to fail as the entire valid IOVA space is reserved when address and length are passed as 0. The vulnerability has been assigned a CVSS v3.1 Base Score of 7.8 HIGH with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (NVD).

When exploited, this vulnerability can lead to the corruption of the IOVA rbtree and cause display IOMMU mappings to fail. This affects system functionality by reserving the entire valid IOVA space incorrectly when zero values are passed for address and length (Kernel Patch).

The vulnerability has been patched by adding a check for the size of the IOVA region and skipping the IOVA reservation if the size is 0. The fix also includes a warning message when firmware requests a 0-length IOVA region reservation. The ideal solution would be for firmware to remove the 'iommu-addresses' property and corresponding 'memory-region' if display is not present (Kernel Patch).