CVE-2023-53523

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The gs usb device driver in the Linux kernel has an issue where the timestamp counter initialization can lead to a NULL pointer dereference. This occurs if the driver is unloaded or unbound before the interface is shut down, potentially causing issues with CAN frame processing. Specifically, if the gs usb device driver is unloaded before the interface is shut down, pending bulk URBs are killed, but the USB device may still receive CAN frames and queue them. When the driver is reloaded, these queued frames are sent to the host, and if the hardware timestamp function is called too early, a NULL pointer dereference can occur. The issue arises because the cycle counter/time counter infrastructure is set up after the USBs are submitted. The problem is exacerbated in devices with multiple channels, as the cycle counter is initially per-channel but URBs are per-device. The fix involves moving the timestamp initialization function before URB submission and converting the cycle counter to a per-device functionality.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.