FKIE_CVE-2023-52567

Vulnerability from fkie_nvd - Published: 2024-03-02 22:15 - Updated: 2024-12-11 16:26
Severity ?
5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Summary
In the Linux kernel, the following vulnerability has been resolved: serial: 8250_port: Check IRQ data before use In case the leaf driver wants to use IRQ polling (irq = 0) and IIR register shows that an interrupt happened in the 8250 hardware the IRQ data can be NULL. In such a case we need to skip the wake event as we came to this path from the timer interrupt and quite likely system is already awake. Without this fix we have got an Oops: serial8250: ttyS0 at I/O 0x3f8 (irq = 0, base_baud = 115200) is a 16550A ... BUG: kernel NULL pointer dereference, address: 0000000000000010 RIP: 0010:serial8250_handle_irq+0x7c/0x240 Call Trace: ? serial8250_handle_irq+0x7c/0x240 ? __pfx_serial8250_timeout+0x10/0x10
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/2b837f13a818f96304736453ac53b66a70aaa4f2Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/3345cc5f02f1fb4c4dcb114706f2210d879ab933Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/bf3c728e3692cc6d998874f0f27d433117348742Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/c334650150c29234b0923476f51573ae1b2f252aPatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/cce7fc8b29961b64fadb1ce398dc5ff32a79643bPatch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/e14afa4450cb7e4cf93e993a765801203d41d014Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/e14f68a48fd445a083ac0750fafcb064df5f18f7Patch
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/ee5732caaffba3a37e753fdb89b4958db9a61847Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/2b837f13a818f96304736453ac53b66a70aaa4f2Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/3345cc5f02f1fb4c4dcb114706f2210d879ab933Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/bf3c728e3692cc6d998874f0f27d433117348742Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/c334650150c29234b0923476f51573ae1b2f252aPatch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/cce7fc8b29961b64fadb1ce398dc5ff32a79643bPatch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/e14afa4450cb7e4cf93e993a765801203d41d014Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/e14f68a48fd445a083ac0750fafcb064df5f18f7Patch
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/stable/c/ee5732caaffba3a37e753fdb89b4958db9a61847Patch
Impacted products
Vendor Product Version
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel 6.6
linux linux_kernel 6.6
linux linux_kernel 6.6
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2E9DE56-0F61-4A8B-9FF0-4D7E29F6B0CC",
              "versionEndExcluding": "4.14.327",
              "versionStartIncluding": "4.14.315",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B1729C6A-DB56-4B8F-B4DA-A2D5BEC4A04B",
              "versionEndExcluding": "4.19.296",
              "versionStartIncluding": "4.19.283",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A86237AD-7726-4F3C-8A27-DD721615097A",
              "versionEndExcluding": "5.4.258",
              "versionStartIncluding": "5.4.243",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2313CA47-BD6B-4E6F-9DD6-A65989C4A196",
              "versionEndExcluding": "5.10.198",
              "versionStartIncluding": "5.10.180",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5052A1B6-DA2F-4EF6-9AEA-1D9BAAD72016",
              "versionEndExcluding": "5.15.134",
              "versionStartIncluding": "5.15.111",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "19090EE6-1348-4171-ACA3-684095E30217",
              "versionEndExcluding": "6.1.56",
              "versionStartIncluding": "6.1.28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "220EAEE9-2C66-435C-A761-F38E9BA43A2C",
              "versionEndExcluding": "6.5.6",
              "versionStartIncluding": "6.4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "84267A4F-DBC2-444F-B41D-69E15E1BEC97",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "FB440208-241C-4246-9A83-C1715C0DAA6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:linux:linux_kernel:6.6:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "0DC421F1-3D5A-4BEF-BF76-4E468985D20B",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: 8250_port: Check IRQ data before use\n\nIn case the leaf driver wants to use IRQ polling (irq = 0) and\nIIR register shows that an interrupt happened in the 8250 hardware\nthe IRQ data can be NULL. In such a case we need to skip the wake\nevent as we came to this path from the timer interrupt and quite\nlikely system is already awake.\n\nWithout this fix we have got an Oops:\n\n    serial8250: ttyS0 at I/O 0x3f8 (irq = 0, base_baud = 115200) is a 16550A\n    ...\n    BUG: kernel NULL pointer dereference, address: 0000000000000010\n    RIP: 0010:serial8250_handle_irq+0x7c/0x240\n    Call Trace:\n     ? serial8250_handle_irq+0x7c/0x240\n     ? __pfx_serial8250_timeout+0x10/0x10"
    },
    {
      "lang": "es",
      "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: serial: 8250_port: verifique los datos IRQ antes de usarlos. En caso de que el controlador hoja quiera usar el sondeo IRQ (irq = 0) y el registro IIR muestre que ocurri\u00f3 una interrupci\u00f3n en el hardware 8250, el IRQ los datos pueden ser NULL. En tal caso, debemos omitir el evento de activaci\u00f3n, ya que llegamos a este camino desde la interrupci\u00f3n del temporizador y es muy probable que el sistema ya est\u00e9 despierto. Sin esta soluci\u00f3n, tenemos un Ups: serial8250: ttyS0 en E/S 0x3f8 (irq = 0, base_baud = 115200) es un 16550A... ERROR: desreferencia del puntero NULL del kernel, direcci\u00f3n: 00000000000000010 RIP: 0010:serial8250_handle_irq+0x7c/ 0x240 Seguimiento de llamadas: ? serial8250_handle_irq+0x7c/0x240? __pfx_serial8250_timeout+0x10/0x10"
    }
  ],
  "id": "CVE-2023-52567",
  "lastModified": "2024-12-11T16:26:16.023",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-03-02T22:15:49.073",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/2b837f13a818f96304736453ac53b66a70aaa4f2"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/3345cc5f02f1fb4c4dcb114706f2210d879ab933"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/bf3c728e3692cc6d998874f0f27d433117348742"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/c334650150c29234b0923476f51573ae1b2f252a"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/cce7fc8b29961b64fadb1ce398dc5ff32a79643b"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/e14afa4450cb7e4cf93e993a765801203d41d014"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/e14f68a48fd445a083ac0750fafcb064df5f18f7"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/ee5732caaffba3a37e753fdb89b4958db9a61847"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/2b837f13a818f96304736453ac53b66a70aaa4f2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/3345cc5f02f1fb4c4dcb114706f2210d879ab933"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/bf3c728e3692cc6d998874f0f27d433117348742"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/c334650150c29234b0923476f51573ae1b2f252a"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/cce7fc8b29961b64fadb1ce398dc5ff32a79643b"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/e14afa4450cb7e4cf93e993a765801203d41d014"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/e14f68a48fd445a083ac0750fafcb064df5f18f7"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://git.kernel.org/stable/c/ee5732caaffba3a37e753fdb89b4958db9a61847"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-476"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.