CVE-2023-53287

EPSS 0.02%
Veröffentlicht 16.09.2025 08:11:20
Zuletzt bearbeitet 16.09.2025 12:49:16
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

usb: cdns3: Put the cdns set active part outside the spin lock

The device may be scheduled during the resume process,
so this cannot appear in atomic operations. Since
pm_runtime_set_active will resume suppliers, put set
active outside the spin lock, which is only used to
protect the struct cdns data structure, otherwise the
kernel will report the following warning:

  BUG: sleeping function called from invalid context at drivers/base/power/runtime.c:1163
  in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 651, name: sh
  preempt_count: 1, expected: 0
  RCU nest depth: 0, expected: 0
  CPU: 0 PID: 651 Comm: sh Tainted: G        WC         6.1.20 #1
  Hardware name: Freescale i.MX8QM MEK (DT)
  Call trace:
    dump_backtrace.part.0+0xe0/0xf0
    show_stack+0x18/0x30
    dump_stack_lvl+0x64/0x80
    dump_stack+0x1c/0x38
    __might_resched+0x1fc/0x240
    __might_sleep+0x68/0xc0
    __pm_runtime_resume+0x9c/0xe0
    rpm_get_suppliers+0x68/0x1b0
    __pm_runtime_set_status+0x298/0x560
    cdns_resume+0xb0/0x1c0
    cdns3_controller_resume.isra.0+0x1e0/0x250
    cdns3_plat_resume+0x28/0x40

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < c861a61be6d30538ebcf7fcab1d43f244e298840

Version 7733f6c32e36ff9d7adadf40001039bf219b1cbe

Status affected

Version < bbc9c3652708108738009e096d608ece3cd9fa8a

Version 7733f6c32e36ff9d7adadf40001039bf219b1cbe

Status affected

Version < d3f372ec95b89776f72d5c9a475424e27734c223

Version 7733f6c32e36ff9d7adadf40001039bf219b1cbe

Status affected

Version < 2319b9c87fe243327285f2fefd7374ffd75a65fc

Version 7733f6c32e36ff9d7adadf40001039bf219b1cbe

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.4

Status affected

Version < 5.4

Version 0

Status unaffected

Version <= 5.15.*

Version 5.15.133

Status unaffected

Version <= 6.1.*

Version 6.1.55

Status unaffected

Version <= 6.5.*

Version 6.5.5

Status unaffected

Version <= *

Version 6.6

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.046

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/c861a61be6d30538ebcf7fcab1d43f244e298840

https://git.kernel.org/stable/c/bbc9c3652708108738009e096d608ece3cd9fa8a

https://git.kernel.org/stable/c/d3f372ec95b89776f72d5c9a475424e27734c223

https://git.kernel.org/stable/c/2319b9c87fe243327285f2fefd7374ffd75a65fc

https://nvd.nist.gov/vuln/detail/CVE-2023-53287

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-53287

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-53287

EUVD