5.5

CVE-2023-53176

EPSS 0.02%
Veröffentlicht 15.09.2025 14:04:16
Zuletzt bearbeitet 02.12.2025 02:58:00
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

serial: 8250: Reinit port->pm on port specific driver unbind

When we unbind a serial port hardware specific 8250 driver, the generic
serial8250 driver takes over the port. After that we see an oops about 10
seconds later. This can produce the following at least on some TI SoCs:

Unhandled fault: imprecise external abort (0x1406)
Internal error: : 1406 [#1] SMP ARM

Turns out that we may still have the serial port hardware specific driver
port->pm in use, and serial8250_pm() tries to call it after the port
specific driver is gone:

serial8250_pm [8250_base] from uart_change_pm+0x54/0x8c [serial_base]
uart_change_pm [serial_base] from uart_hangup+0x154/0x198 [serial_base]
uart_hangup [serial_base] from __tty_hangup.part.0+0x328/0x37c
__tty_hangup.part.0 from disassociate_ctty+0x154/0x20c
disassociate_ctty from do_exit+0x744/0xaac
do_exit from do_group_exit+0x40/0x8c
do_group_exit from __wake_up_parent+0x0/0x1c

Let's fix the issue by calling serial8250_set_defaults() in
serial8250_unregister_port(). This will set the port back to using
the serial8250 default functions, and sets the port->pm to point to
serial8250_pm.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 11

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version < 4.14.316

Linux ≫ Linux Kernel Version >= 4.15 < 4.19.284

Linux ≫ Linux Kernel Version >= 4.20 < 5.4.244

Linux ≫ Linux Kernel Version >= 5.5 < 5.10.181

Linux ≫ Linux Kernel Version >= 5.11 < 5.15.113

Linux ≫ Linux Kernel Version >= 5.16 < 6.1.30

Linux ≫ Linux Kernel Version >= 6.2 < 6.3.4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.047

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/490bf37eaabb0a857ed1ae8e75d8854e41662f1c

Patch

https://git.kernel.org/stable/c/c9e080c3005fd183c56ff8f4d75edb5da0765d2c

Patch

https://git.kernel.org/stable/c/d5cd2928d31042a7c0a01464f9a8d95be736421d

Patch

https://git.kernel.org/stable/c/2c86a1305c1406f45ea780d06953c484ea1d9e6e

Patch

https://git.kernel.org/stable/c/1ba5594739d858e524ff0f398ee1ebfe0a8b9d41

Patch

https://git.kernel.org/stable/c/af4d6dbb1a92ea424ad1ba1d0c88c7fa2345d872

Patch

https://git.kernel.org/stable/c/8e596aed5f2f98cf3e6e98d6fe1d689f4a319308

Patch

https://git.kernel.org/stable/c/04e82793f068d2f0ffe62fcea03d007a8cdc16a7

Patch

https://nvd.nist.gov/vuln/detail/CVE-2023-53176

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-53176

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-53176

EUVD