-

CVE-2023-53274

In the Linux kernel, the following vulnerability has been resolved:

clk: mediatek: mt8183: Add back SSPM related clocks

This reverts commit 860690a93ef23b567f781c1b631623e27190f101.

On the MT8183, the SSPM related clocks were removed claiming a lack of
usage. This however causes some issues when the driver was converted to
the new simple-probe mechanism. This mechanism allocates enough space
for all the clocks defined in the clock driver, not the highest index
in the DT binding. This leads to out-of-bound writes if their are holes
in the DT binding or the driver (due to deprecated or unimplemented
clocks). These errors can go unnoticed and cause memory corruption,
leading to crashes in unrelated areas, or nothing at all. KASAN will
detect them.

Add the SSPM related clocks back to the MT8183 clock driver to fully
implement the DT binding. The SSPM clocks are for the power management
co-processor, and should never be turned off. They are marked as such.

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
VendorLinux
Product Linux
Default Statusunaffected
Version < 45d69917a4af6c869193f95932dc6d6f15d5ef86
Version 3f37ba7cc385ba07762ffcd7ac38af8c0f84dd3e
Status affected
Version < 1eb8d61ac5c9c7ec56bb96d433532807509b9288
Version 3f37ba7cc385ba07762ffcd7ac38af8c0f84dd3e
Status affected
VendorLinux
Product Linux
Default Statusaffected
Version 6.4
Status affected
Version < 6.4
Version 0
Status unaffected
Version <= 6.4.*
Version 6.4.10
Status unaffected
Version <= *
Version 6.5
Status unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.02% 0.05
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string