PT-2024-14683 · Linux+4 · Linux Kernel+4

Tomi Valkeinen · Published 2024-05-17 · Updated 2026-05-26 · CVE-2023-52660

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions up to 6.1.82
Linux kernel versions up to 6.6.22
Linux kernel versions up to 6.7.10

Description

The issue arises from the driver requesting interrupts as IRQF_SHARED, allowing interrupt handlers to be called at any time. If an interrupt occurs while the ISP is powered down, the SoC will hang due to the driver attempting to access ISP registers. This can be reproduced by enabling CONFIG_DEBUG_SHIRQ and unloading the driver. The problem is resolved by adding a new field, irqs_enabled, which prevents the interrupt handler from executing when the ISP is not operational.

Recommendations

Upgrade to a version later than 6.1.82 to mitigate the risk for Linux kernel version 6.1.
Upgrade to a version later than 6.6.22 to mitigate the risk for Linux kernel version 6.6.
Upgrade to a version later than 6.7.10 to mitigate the risk for Linux kernel version 6.7.
As a temporary workaround, consider disabling the interrupt handler when the ISP is not operational until a patch is available.
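
The guard from the Description, as a user-space C model added here for illustration; it is not the kernel driver's code or the upstream patch. The struct, the function names and the hang counter are hypothetical; only the `irqs_enabled` field name comes from the advisory.

```c
/* Added user-space model with constructed state; not kernel code. */
#include <stdbool.h>

enum irqreturn { IRQ_NONE, IRQ_HANDLED };

struct isp_model {
    bool powered;        /* ISP power domain is up */
    bool irqs_enabled;   /* guard field named in the advisory */
    unsigned int status; /* pending-interrupt register (hypothetical) */
    unsigned int hangs;  /* register accesses made while powered down */
};

/* On the real SoC this access hangs when the ISP is off; the model counts it. */
static unsigned int isp_read_status(struct isp_model *isp)
{
    if (!isp->powered)
        isp->hangs++;
    return isp->powered ? isp->status : 0;
}

/* Before: every invocation on the shared line touches the hardware. */
enum irqreturn isp_isr_unguarded(struct isp_model *isp)
{
    if (!isp_read_status(isp))
        return IRQ_NONE;
    isp->status = 0; /* acknowledge */
    return IRQ_HANDLED;
}

/* After: return before any register access when the ISP is not running. */
enum irqreturn isp_isr_guarded(struct isp_model *isp)
{
    if (!isp->irqs_enabled)
        return IRQ_NONE;
    return isp_isr_unguarded(isp);
}

void isp_power_off(struct isp_model *isp)
{
    isp->irqs_enabled = false; /* clear the guard before removing power */
    isp->powered = false;
}

/* Handler call after power-off, as CONFIG_DEBUG_SHIRQ provokes on unload. */
unsigned int hangs_after_power_off(bool guarded)
{
    struct isp_model isp = { .powered = true, .irqs_enabled = true };
    isp_power_off(&isp);
    (guarded ? isp_isr_guarded : isp_isr_unguarded)(&isp);
    return isp.hangs;
}
```

In a real driver the power-down path must also wait for a handler already running on another CPU (for example with `synchronize_irq()`) before removing power, which this single-threaded model does not show.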

Related Identifiers

BDU:2025-13348
CVE-2023-52660
SUSE-SU-2024:2008-1
SUSE-SU-2024:2019-1
SUSE-SU-2024:2135-1
SUSE-SU-2024:2190-1
SUSE-SU-2024:2203-1
SUSE-SU-2024:2973-1
SUSE-SU-2025:20008-1
SUSE-SU-2025:20028-1
SUSE-SU-2025:20166-1
SUSE-SU-2025:20249-1

Affected Products

Astra Linux
Debian
Linux Kernel
Red Os
Suse