ghsa-3ghc-2486-hrxh
Vulnerability from github
Published
2024-04-17 18:31
Modified
2024-04-29 21:30
Severity ?
4.7 (Medium) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Details

In the Linux kernel, the following vulnerability has been resolved:

pmdomain: mediatek: fix race conditions with genpd

If the power domains are registered first with genpd and after that the driver attempts to power them on in the probe sequence, then it is possible that a race condition occurs if genpd tries to power them on in the same time. The same is valid for powering them off before unregistering them from genpd. Attempt to fix race conditions by first removing the domains from genpd and after that powering down domains. Also first power up the domains and after that register them to genpd.

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2023-52645"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-362"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-17T16:15:07Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\npmdomain: mediatek: fix race conditions with genpd\n\nIf the power domains are registered first with genpd and *after that*\nthe driver attempts to power them on in the probe sequence, then it is\npossible that a race condition occurs if genpd tries to power them on\nin the same time.\nThe same is valid for powering them off before unregistering them\nfrom genpd.\nAttempt to fix race conditions by first removing the domains from genpd\nand *after that* powering down domains.\nAlso first power up the domains and *after that* register them\nto genpd.",
  "id": "GHSA-3ghc-2486-hrxh",
  "modified": "2024-04-29T21:30:34Z",
  "published": "2024-04-17T18:31:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52645"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/339ddc983bc1622341d95f244c361cda3da3a4ff"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/3cd1d92ee1dbf3e8f988767eb75f26207397792b"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/475426ad1ae0bfdfd8f160ed9750903799392438"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/c41336f4d69057cbf88fed47951379b384540df5"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/f83b9abee9faa4868a6fac4669b86f4c215dae25"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.