PT-2023-9553 · Linux+6 · Linux Kernel+6

Publicado

2023-12-16

·

Atualizado

2025-09-29

·

CVE-2023-52493

CVSS v3.1

5.5

Média

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to the Linux kernel's mhi component, where a vulnerability has been resolved by dropping the channel lock before queuing buffers. This ensures that read and write locks for the channel are not taken in succession, which could result in multiple locks and a soft lockup. The vulnerability can be exploited to cause a denial of service.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Locking

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-667CWE-414

Identificadores relacionados

ALSA-2025_16880
ALT-PU-2024-3457
BDU:2024-08403
CVE-2023-52493
DLA-3842-1
DSA-5681-1
OESA-2024-1498
OESA-2024-1499
OESA-2024-1500
OESA-2024-1501
OPENSUSE-SU-2024_1322-1
OPENSUSE-SU-2024_1322-2
OPENSUSE-SU-2024_1332-1
OPENSUSE-SU-2024_1332-2
OPENSUSE-SU-2024_1466-1
OPENSUSE-SU-2024_1480-1
OPENSUSE-SU-2024_1490-1
SUSE-SU-2024:1466-1
SUSE-SU-2024:1480-1
SUSE-SU-2024:1490-1
USN-6765-1
USN-6766-1
USN-6766-2
USN-6766-3
USN-6795-1
USN-6818-1
USN-6818-2
USN-6818-3
USN-6818-4
USN-6819-1
USN-6819-2
USN-6819-3
USN-6819-4
USN-6828-1

Produtos afetados

Alt Linux
Astra Linux
Linuxmint
Linux Kernel
Red Os
Suse
Ubuntu