-
CVE-2023-53475
- EPSS 0.02%
- Veröffentlicht 01.10.2025 12:15:49
- Zuletzt bearbeitet 02.10.2025 19:12:17
- Quelle 416baaa9-dc9f-4396-8d5f-8c081f
- Teams Watchlist Login
- Unerledigt Login
In the Linux kernel, the following vulnerability has been resolved: usb: xhci: tegra: fix sleep in atomic call When we set the dual-role port to Host mode, we observed the following splat: [ 167.057718] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:229 [ 167.057872] Workqueue: events tegra_xusb_usb_phy_work [ 167.057954] Call trace: [ 167.057962] dump_backtrace+0x0/0x210 [ 167.057996] show_stack+0x30/0x50 [ 167.058020] dump_stack_lvl+0x64/0x84 [ 167.058065] dump_stack+0x14/0x34 [ 167.058100] __might_resched+0x144/0x180 [ 167.058140] __might_sleep+0x64/0xd0 [ 167.058171] slab_pre_alloc_hook.constprop.0+0xa8/0x110 [ 167.058202] __kmalloc_track_caller+0x74/0x2b0 [ 167.058233] kvasprintf+0xa4/0x190 [ 167.058261] kasprintf+0x58/0x90 [ 167.058285] tegra_xusb_find_port_node.isra.0+0x58/0xd0 [ 167.058334] tegra_xusb_find_port+0x38/0xa0 [ 167.058380] tegra_xusb_padctl_get_usb3_companion+0x38/0xd0 [ 167.058430] tegra_xhci_id_notify+0x8c/0x1e0 [ 167.058473] notifier_call_chain+0x88/0x100 [ 167.058506] atomic_notifier_call_chain+0x44/0x70 [ 167.058537] tegra_xusb_usb_phy_work+0x60/0xd0 [ 167.058581] process_one_work+0x1dc/0x4c0 [ 167.058618] worker_thread+0x54/0x410 [ 167.058650] kthread+0x188/0x1b0 [ 167.058672] ret_from_fork+0x10/0x20 The function tegra_xusb_padctl_get_usb3_companion eventually calls tegra_xusb_find_port and this in turn calls kasprintf which might sleep and so cannot be called from an atomic context. Fix this by moving the call to tegra_xusb_padctl_get_usb3_companion to the tegra_xhci_id_work function where it is really needed.
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
Diese Information steht angemeldeten Benutzern zur Verfügung. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerLinux
≫
Produkt
Linux
Default Statusunaffected
Version <
b4b4f17aa46c025da77aed5133b08971959c9684
Version
f836e7843036fbf34320356e156cd4267fa5bfa2
Status
affected
Version <
1122474b757a5dd8b2b50008a97f33cdb10dff6e
Version
f836e7843036fbf34320356e156cd4267fa5bfa2
Status
affected
Version <
130c61c516cd0684282a8f6ab163281d60642fc5
Version
f836e7843036fbf34320356e156cd4267fa5bfa2
Status
affected
Version <
1fe6015aa92cc0dfd875c1d3c7c1750a1b0767d9
Version
f836e7843036fbf34320356e156cd4267fa5bfa2
Status
affected
Version <
4c7f9d2e413dc06a157c4e5dccde84aaf4655eb3
Version
f836e7843036fbf34320356e156cd4267fa5bfa2
Status
affected
HerstellerLinux
≫
Produkt
Linux
Default Statusaffected
Version
5.7
Status
affected
Version <
5.7
Version
0
Status
unaffected
Version <=
5.10.*
Version
5.10.178
Status
unaffected
Version <=
5.15.*
Version
5.15.107
Status
unaffected
Version <=
6.1.*
Version
6.1.24
Status
unaffected
Version <=
6.2.*
Version
6.2.11
Status
unaffected
Version <=
*
Version
6.3
Status
unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.05 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|