PT-2025-37892 · Linux+3 · Linux Kernel+3

Published

2023-01-01

Updated

2026-03-14

CVE-2023-53287

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.20

Description The Linux kernel contains a flaw related to the cdns3 USB controller. Specifically, the code places the cdns set active part outside of a spin lock, which can lead to a kernel warning and potential issues during the resume process when the device is scheduled. This can result in a bug where a sleeping function is called from an invalid context.

Recommendations Update to Linux kernel version 6.1.20 or later.

Exploit

Fix

Stack Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-121

Related Identifiers

BDU:2026-05890

CVE-2023-53287

RHSA-2025:6966

SUSE-SU-2025:03600-1

SUSE-SU-2025:03615-1

SUSE-SU-2025:03634-1

SUSE-SU-2025:20851-1

SUSE-SU-2025:20861-1

SUSE-SU-2025:20870-1

SUSE-SU-2025:20898-1

SUSE-SU-2025:3751-1

SUSE-SU-2025:3761-1

SUSE-SU-2025:4057-1

SUSE-SU-2025:4132-1

SUSE-SU-2025:4141-1

Affected Products

Astra Linux

Debian

Linux Kernel

Suse

PT-2025-37892 · Linux+3 · Linux Kernel+3

CVE-2023-53287

Weakness Enumeration

Related Identifiers

Affected Products

References · 1990