PT-2024-10206 · Linux+3 · Linux Kernel+3

Published

2024-11-03

Updated

2025-10-08

CVE-2024-53152

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to the Linux kernel's PCI component, specifically the tegra194 endpoint. The problem arises when the host asserts PERST#, which leads to the refclk being disabled, causing the endpoint to crash. This crash occurs because the controller cleanups, such as the dw pcie ep cleanup() and pci epc deinit notify() functions, are performed while the refclk is inactive. To address this issue, the controller cleanups have been moved to the start of the pex ep event pex rst deassert() function, which is called when the host has deasserted PERST# and the refclk is guaranteed to be active.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Assertion Failure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-617

Related Identifiers

ALSA-2025_12746

ALSA-2025_12752

ALSA-2025_12753

ALSA-2025_16880

BDU:2025-00535

CVE-2024-53152

INFSA-2025_6966

RHSA-2025:6966

RHSA-2025_6966

USN-7276-1

USN-7277-1

USN-7310-1

Affected Products

Linuxmint

Linux Kernel

Red Hat

Ubuntu

PT-2024-10206 · Linux+3 · Linux Kernel+3

CVE-2024-53152

Weakness Enumeration

Related Identifiers

Affected Products

References · 793