CVE-2023-52589

CVSS v3.1

4.7

Medium

Vector

AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue arises from the rkisp1 isp stop() and rkisp1 csi disable() functions in the Linux kernel, where the driver masks interrupts and then proceeds with the stop procedure, assuming the interrupt handler is not running. However, the interrupt handler can already be running, leading to the ISP being disabled while it handles a captured frame. This causes two issues: the ISP could be powered off while the interrupt handler is accessing registers, leading to board lockup, and the interrupt handler code and the code that disables streaming might conflict. The first issue can be seen with a suitable delay in the interrupt handler, leading to board lockup.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-413CWE-362

Related Identifiers

BDU:2025-03819

CVE-2023-52589

DSA-5658-1

OPENSUSE-SU-2024_1644-1

OPENSUSE-SU-2024_1659-1

OPENSUSE-SU-2024_1663-1

SUSE-SU-2024:1644-1

SUSE-SU-2024:1659-1

SUSE-SU-2024:1663-1

USN-6688-1

USN-6765-1

USN-6818-1

USN-6818-2

USN-6818-3

USN-6818-4

USN-6819-1

USN-6819-2

USN-6819-3

USN-6819-4

Affected Products

Astra Linux

Debian

Linuxmint

Linux Kernel

Red Os

Suse

Ubuntu

CVE-2023-52589

Weakness Enumeration

Related Identifiers

Affected Products

References · 752