CVE-2023-52645
Vulnerability from cvelistv5
Published
2024-04-17 15:59
Modified
2024-12-19 08:23
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: pmdomain: mediatek: fix race conditions with genpd If the power domains are registered first with genpd and *after that* the driver attempts to power them on in the probe sequence, then it is possible that a race condition occurs if genpd tries to power them on in the same time. The same is valid for powering them off before unregistering them from genpd. Attempt to fix race conditions by first removing the domains from genpd and *after that* powering down domains. Also first power up the domains and *after that* register them to genpd.
Impacted products
Vendor Product Version
Linux Linux Version: 5.11
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52645",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-17T17:41:05.492458Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-17T17:47:27.898Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:03:21.361Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/475426ad1ae0bfdfd8f160ed9750903799392438"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/339ddc983bc1622341d95f244c361cda3da3a4ff"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/f83b9abee9faa4868a6fac4669b86f4c215dae25"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3cd1d92ee1dbf3e8f988767eb75f26207397792b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c41336f4d69057cbf88fed47951379b384540df5"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/pmdomain/mediatek/mtk-pm-domains.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "475426ad1ae0bfdfd8f160ed9750903799392438",
              "status": "affected",
              "version": "59b644b01cf48d6042f3c5983d464921a4920845",
              "versionType": "git"
            },
            {
              "lessThan": "339ddc983bc1622341d95f244c361cda3da3a4ff",
              "status": "affected",
              "version": "59b644b01cf48d6042f3c5983d464921a4920845",
              "versionType": "git"
            },
            {
              "lessThan": "f83b9abee9faa4868a6fac4669b86f4c215dae25",
              "status": "affected",
              "version": "59b644b01cf48d6042f3c5983d464921a4920845",
              "versionType": "git"
            },
            {
              "lessThan": "3cd1d92ee1dbf3e8f988767eb75f26207397792b",
              "status": "affected",
              "version": "59b644b01cf48d6042f3c5983d464921a4920845",
              "versionType": "git"
            },
            {
              "lessThan": "c41336f4d69057cbf88fed47951379b384540df5",
              "status": "affected",
              "version": "59b644b01cf48d6042f3c5983d464921a4920845",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/pmdomain/mediatek/mtk-pm-domains.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.11"
            },
            {
              "lessThan": "5.11",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.150",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.80",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.18",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.7.*",
              "status": "unaffected",
              "version": "6.7.6",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.8",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\npmdomain: mediatek: fix race conditions with genpd\n\nIf the power domains are registered first with genpd and *after that*\nthe driver attempts to power them on in the probe sequence, then it is\npossible that a race condition occurs if genpd tries to power them on\nin the same time.\nThe same is valid for powering them off before unregistering them\nfrom genpd.\nAttempt to fix race conditions by first removing the domains from genpd\nand *after that* powering down domains.\nAlso first power up the domains and *after that* register them\nto genpd."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-12-19T08:23:15.093Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/475426ad1ae0bfdfd8f160ed9750903799392438"
        },
        {
          "url": "https://git.kernel.org/stable/c/339ddc983bc1622341d95f244c361cda3da3a4ff"
        },
        {
          "url": "https://git.kernel.org/stable/c/f83b9abee9faa4868a6fac4669b86f4c215dae25"
        },
        {
          "url": "https://git.kernel.org/stable/c/3cd1d92ee1dbf3e8f988767eb75f26207397792b"
        },
        {
          "url": "https://git.kernel.org/stable/c/c41336f4d69057cbf88fed47951379b384540df5"
        }
      ],
      "title": "pmdomain: mediatek: fix race conditions with genpd",
      "x_generator": {
        "engine": "bippy-5f407fcff5a0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52645",
    "datePublished": "2024-04-17T15:59:21.343Z",
    "dateReserved": "2024-03-06T09:52:12.094Z",
    "dateUpdated": "2024-12-19T08:23:15.093Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-52645\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-04-17T16:15:07.437\",\"lastModified\":\"2024-11-21T08:40:16.490\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\npmdomain: mediatek: fix race conditions with genpd\\n\\nIf the power domains are registered first with genpd and *after that*\\nthe driver attempts to power them on in the probe sequence, then it is\\npossible that a race condition occurs if genpd tries to power them on\\nin the same time.\\nThe same is valid for powering them off before unregistering them\\nfrom genpd.\\nAttempt to fix race conditions by first removing the domains from genpd\\nand *after that* powering down domains.\\nAlso first power up the domains and *after that* register them\\nto genpd.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: pmdomain: mediatek: corrige las condiciones de ejecuci\u00f3n con genpd, si los dominios de energ\u00eda se registran primero con genpd y *despu\u00e9s de eso* el controlador intenta encenderlos en la secuencia de sonda, entonces es Es posible que se produzca una condici\u00f3n de ejecuci\u00f3n si genpd intenta encenderlos al mismo tiempo. Lo mismo es v\u00e1lido para apagarlos antes de cancelar su registro en genpd. Intente arreglar las condiciones de ejecuci\u00f3n eliminando primero los dominios de genpd y *despu\u00e9s* apagando los dominios. Tambi\u00e9n primero encienda los dominios y *despu\u00e9s* reg\u00edstrelos en genpd.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":4.7,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-362\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.150\",\"matchCriteriaId\":\"CB6C60DE-9E0C-46C5-904D-D4F4031F8E95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"6.1.80\",\"matchCriteriaId\":\"BA7850CE-97C9-4408-A348-6173296BCA2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.6.18\",\"matchCriteriaId\":\"BD961E49-FEDA-47CF-BF23-4D2BD942B4E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.7.6\",\"matchCriteriaId\":\"C6D6A5C8-7308-42A9-8A72-ABF3DEA4BB82\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/339ddc983bc1622341d95f244c361cda3da3a4ff\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/3cd1d92ee1dbf3e8f988767eb75f26207397792b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/475426ad1ae0bfdfd8f160ed9750903799392438\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/c41336f4d69057cbf88fed47951379b384540df5\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/f83b9abee9faa4868a6fac4669b86f4c215dae25\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/339ddc983bc1622341d95f244c361cda3da3a4ff\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/3cd1d92ee1dbf3e8f988767eb75f26207397792b\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/475426ad1ae0bfdfd8f160ed9750903799392438\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/c41336f4d69057cbf88fed47951379b384540df5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/f83b9abee9faa4868a6fac4669b86f4c215dae25\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.