CVE-2024-53153

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to the function qcom pcie perst deassert() in the Linux kernel, which is connected to an uncontrolled reachable assertion. This could allow a remote attacker to cause a denial of service. The problem arises because the endpoint cleanup functions, such as dw pcie ep cleanup() and pci epc deinit notify(), are called when the host asserts PERST#, after which the refclk is disabled, leading to a crash in the endpoint SoC. The fix involves moving the controller cleanups to the start of the qcom pcie perst deassert() function, ensuring that the refclk is active when these cleanups are performed.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.