PT-2024-14595 · Linux+6 · Linux Kernel+6

Published

2023-12-11

·

Updated

2025-03-13

·

CVE-2023-52488

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue concerns the SC16IS7XX IC, which supports a burst mode to access FIFOs. In this mode, the initial register address is sent, followed by all the FIFO data without resending the register address. The regmap raw read() and regmap raw write() functions perform IO over multiple registers and are used to read/write from/to the FIFO. However, they would corrupt the regmap cache if it was not disabled manually, as they assume the register address is incremented when the R/W size is more than 1 byte. The solution involves converting FIFO R/W functions to use the regmap noinc versions, removing the need for manual cache control.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

AZL-56816
BDU:2025-03938
CVE-2023-52488
DLA-3842-1
DSA-5681-1
OESA-2024-2123
OESA-2024-2126
OPENSUSE-SU-2024_1490-1
OPENSUSE-SU-2024_1659-1
OPENSUSE-SU-2024_1663-1
SUSE-SU-2024:1490-1
SUSE-SU-2024:1643-1
SUSE-SU-2024:1646-1
SUSE-SU-2024:1659-1
SUSE-SU-2024:1663-1
SUSE-SU-2024:1870-1
USN-6765-1
USN-6818-1
USN-6818-2
USN-6818-3
USN-6818-4
USN-6819-1
USN-6819-2
USN-6819-3
USN-6819-4
USN-6898-1
USN-6898-2
USN-6898-3
USN-6898-4
USN-6917-1
USN-6919-1
USN-6927-1
USN-7019-1
USN-7159-1
USN-7159-2
USN-7159-3
USN-7159-4
USN-7159-5
USN-7195-1
USN-7195-2
USN-7332-1
USN-7332-2
USN-7332-3
USN-7342-1
USN-7344-1
USN-7344-2

Affected Products

Astra Linux
Linuxmint
Linux Kernel
Red Os
Sc16Is7Xx
Suse
Ubuntu