PT-2023-32178 · Unknown · Sja1000 Can Controller Driver Backend

Henrikbrixandersen

Publicado

2023-10-12

Atualizado

2023-10-18

CVE-2023-5563

CVSS v3.1

7.5

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions SJA1000 CAN controller driver backend (affected versions not specified)

Description The issue arises when the SJA1000 CAN controller driver backend is built with CONFIG CAN AUTO BUS OFF RECOVERY=y, causing it to automatically attempt to recover from a bus-off event. This results in calling k sleep() in IRQ context, leading to a fatal exception.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-703

Identificadores relacionados

CVE-2023-5563

GHSA-98MC-RJ7W-7RPV

Produtos afetados

Sja1000 Can Controller Driver Backend

PT-2023-32178 · Unknown · Sja1000 Can Controller Driver Backend

CVE-2023-5563

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4