CVE-2023-54287

EPSS 0.03%
Veröffentlicht 30.12.2025 12:23:27
Zuletzt bearbeitet 31.12.2025 20:42:43
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

tty: serial: imx: disable Ageing Timer interrupt request irq

There maybe pending USR interrupt before requesting irq, however
uart_add_one_port has not executed, so there will be kernel panic:
[    0.795668] Unable to handle kernel NULL pointer dereference at virtual addre
ss 0000000000000080
[    0.802701] Mem abort info:
[    0.805367]   ESR = 0x0000000096000004
[    0.808950]   EC = 0x25: DABT (current EL), IL = 32 bits
[    0.814033]   SET = 0, FnV = 0
[    0.816950]   EA = 0, S1PTW = 0
[    0.819950]   FSC = 0x04: level 0 translation fault
[    0.824617] Data abort info:
[    0.827367]   ISV = 0, ISS = 0x00000004
[    0.831033]   CM = 0, WnR = 0
[    0.833866] [0000000000000080] user address but active_mm is swapper
[    0.839951] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP
[    0.845953] Modules linked in:
[    0.848869] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 6.1.1+g56321e101aca #1
[    0.855617] Hardware name: Freescale i.MX8MP EVK (DT)
[    0.860452] pstate: 000000c5 (nzcv daIF -PAN -UAO -TCO -DIT -SSBS BTYPE=--)
[    0.867117] pc : __imx_uart_rxint.constprop.0+0x11c/0x2c0
[    0.872283] lr : imx_uart_int+0xf8/0x1ec

The issue only happends in the inmate linux when Jailhouse hypervisor
enabled. The test procedure is:
while true; do
	jailhouse enable imx8mp.cell
	jailhouse cell linux xxxx
	sleep 10
	jailhouse cell destroy 1
	jailhouse disable
	sleep 5
done

And during the upper test, press keys to the 2nd linux console.
When `jailhouse cell destroy 1`, the 2nd linux has no chance to put
the uart to a quiese state, so USR1/2 may has pending interrupts. Then
when `jailhosue cell linux xx` to start 2nd linux again, the issue
trigger.

In order to disable irqs before requesting them, both UCR1 and UCR2 irqs
should be disabled, so here fix that, disable the Ageing Timer interrupt
in UCR2 as UCR1 does.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < 3d41d9b256ae626c0dc434427c8e32450358d3b4

Version 8a61f0c70ae65c6b70d13228c3120c73d7425a60

Status affected

Version < 9795ece3a85ba9238191e97665586e2d79703ff3

Version 8a61f0c70ae65c6b70d13228c3120c73d7425a60

Status affected

Version < 963875b0655197281775b0ea614aab8b6b3eb001

Version 8a61f0c70ae65c6b70d13228c3120c73d7425a60

Status affected

Version < ef25e16ea9674b713a68c3bda821556ce9901254

Version 8a61f0c70ae65c6b70d13228c3120c73d7425a60

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.3

Status affected

Version < 4.3

Version 0

Status unaffected

Version <= 5.15.*

Version 5.15.99

Status unaffected

Version <= 6.1.*

Version 6.1.16

Status unaffected

Version <= 6.2.*

Version 6.2.3

Status unaffected

Version <= *

Version 6.3

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.063

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/3d41d9b256ae626c0dc434427c8e32450358d3b4

https://git.kernel.org/stable/c/9795ece3a85ba9238191e97665586e2d79703ff3

https://git.kernel.org/stable/c/963875b0655197281775b0ea614aab8b6b3eb001

https://git.kernel.org/stable/c/ef25e16ea9674b713a68c3bda821556ce9901254

https://nvd.nist.gov/vuln/detail/CVE-2023-54287

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-54287

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-54287

EUVD