CVE-2023-52645
Published: April 18, 2024Last modified: April 18, 2024
Description
In the Linux kernel, the following vulnerability has been resolved: pmdomain: mediatek: fix race conditions with genpd If the power domains are registered first with genpd and *after that* the driver attempts to power them on in the probe sequence, then it is possible that a race condition occurs if genpd tries to power them on in the same time. The same is valid for powering them off before unregistering them from genpd. Attempt to fix race conditions by first removing the domains from genpd and *after that* powering down domains. Also first power up the domains and *after that* register them to genpd.
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 4.7 |
| Attack Vector | LOCAL |
| Attack complexity | HIGH |
| Privileges required | LOW |
| User interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality | NONE |
| Integrity impact | NONE |
| Availability impact | HIGH |
| Vector | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H |
Status
| Product | Release | Package | Status |
|---|---|---|---|
| Alpaquita Linux | 23 LTS | linux-lts | Fixed (6.1.81-r0) |
| Stream | linux-lts | Fixed (6.6.58-r0) |
References
- https://git.kernel.org/stable/c/339ddc983bc1622341d95f244c361cda3da3a4ff
- https://git.kernel.org/stable/c/3cd1d92ee1dbf3e8f988767eb75f26207397792b
- https://git.kernel.org/stable/c/475426ad1ae0bfdfd8f160ed9750903799392438
- https://git.kernel.org/stable/c/c41336f4d69057cbf88fed47951379b384540df5
- https://git.kernel.org/stable/c/f83b9abee9faa4868a6fac4669b86f4c215dae25