cve-2023-52456
Vulnerability from cvelistv5
Published
2024-02-23 14:46
Modified
2024-11-04 14:47
Severity ?
Summary
serial: imx: fix tx statemachine deadlock
Impacted products
Vendor Product Version
Linux Linux Version: 5.9
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52456",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-02-23T17:01:14.114676Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:23:14.564Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:03:19.652Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/6e04a9d30509fb53ba6df5d655ed61d607a7cfda"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/ff168d4fdb0e1ba35fb413a749b3d6cce918ec19"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/63ee7be01a3f7d28b1ea8b8d7944f12bb7b0ed06"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/763cd68746317b5d746dc2649a3295c1efb41181"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9a662d06c22ddfa371958c2071dc350436be802b"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/78d60dae9a0c9f09aa3d6477c94047df2fe6f7b0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/tty/serial/imx.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "6e04a9d30509",
              "status": "affected",
              "version": "cb1a60923609",
              "versionType": "git"
            },
            {
              "lessThan": "ff168d4fdb0e",
              "status": "affected",
              "version": "cb1a60923609",
              "versionType": "git"
            },
            {
              "lessThan": "63ee7be01a3f",
              "status": "affected",
              "version": "cb1a60923609",
              "versionType": "git"
            },
            {
              "lessThan": "763cd6874631",
              "status": "affected",
              "version": "cb1a60923609",
              "versionType": "git"
            },
            {
              "lessThan": "9a662d06c22d",
              "status": "affected",
              "version": "cb1a60923609",
              "versionType": "git"
            },
            {
              "lessThan": "78d60dae9a0c",
              "status": "affected",
              "version": "cb1a60923609",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/tty/serial/imx.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.9"
            },
            {
              "lessThan": "5.9",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.209",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.148",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.75",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.14",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.7.*",
              "status": "unaffected",
              "version": "6.7.2",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.8",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: imx: fix tx statemachine deadlock\n\nWhen using the serial port as RS485 port, the tx statemachine is used to\ncontrol the RTS pin to drive the RS485 transceiver TX_EN pin. When the\nTTY port is closed in the middle of a transmission (for instance during\nuserland application crash), imx_uart_shutdown disables the interface\nand disables the Transmission Complete interrupt. afer that,\nimx_uart_stop_tx bails on an incomplete transmission, to be retriggered\nby the TC interrupt. This interrupt is disabled and therefore the tx\nstatemachine never transitions out of SEND. The statemachine is in\ndeadlock now, and the TX_EN remains low, making the interface useless.\n\nimx_uart_stop_tx now checks for incomplete transmission AND whether TC\ninterrupts are enabled before bailing to be retriggered. This makes sure\nthe state machine handling is reached, and is properly set to\nWAIT_AFTER_SEND."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:47:06.989Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/6e04a9d30509fb53ba6df5d655ed61d607a7cfda"
        },
        {
          "url": "https://git.kernel.org/stable/c/ff168d4fdb0e1ba35fb413a749b3d6cce918ec19"
        },
        {
          "url": "https://git.kernel.org/stable/c/63ee7be01a3f7d28b1ea8b8d7944f12bb7b0ed06"
        },
        {
          "url": "https://git.kernel.org/stable/c/763cd68746317b5d746dc2649a3295c1efb41181"
        },
        {
          "url": "https://git.kernel.org/stable/c/9a662d06c22ddfa371958c2071dc350436be802b"
        },
        {
          "url": "https://git.kernel.org/stable/c/78d60dae9a0c9f09aa3d6477c94047df2fe6f7b0"
        }
      ],
      "title": "serial: imx: fix tx statemachine deadlock",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52456",
    "datePublished": "2024-02-23T14:46:19.139Z",
    "dateReserved": "2024-02-20T12:30:33.294Z",
    "dateUpdated": "2024-11-04T14:47:06.989Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-52456\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-02-23T15:15:08.237\",\"lastModified\":\"2024-11-21T08:39:48.623\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nserial: imx: fix tx statemachine deadlock\\n\\nWhen using the serial port as RS485 port, the tx statemachine is used to\\ncontrol the RTS pin to drive the RS485 transceiver TX_EN pin. When the\\nTTY port is closed in the middle of a transmission (for instance during\\nuserland application crash), imx_uart_shutdown disables the interface\\nand disables the Transmission Complete interrupt. afer that,\\nimx_uart_stop_tx bails on an incomplete transmission, to be retriggered\\nby the TC interrupt. This interrupt is disabled and therefore the tx\\nstatemachine never transitions out of SEND. The statemachine is in\\ndeadlock now, and the TX_EN remains low, making the interface useless.\\n\\nimx_uart_stop_tx now checks for incomplete transmission AND whether TC\\ninterrupts are enabled before bailing to be retriggered. This makes sure\\nthe state machine handling is reached, and is properly set to\\nWAIT_AFTER_SEND.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: serial: imx: corrige el punto muerto de la m\u00e1quina de estado tx Cuando se usa el puerto serie como puerto RS485, la m\u00e1quina de estado tx se usa para controlar el pin RTS para controlar el pin TX_EN del transceptor RS485. Cuando el puerto TTY se cierra en medio de una transmisi\u00f3n (por ejemplo, durante una falla de la aplicaci\u00f3n en el \u00e1rea de usuario), imx_uart_shutdown deshabilita la interfaz y deshabilita la interrupci\u00f3n de transmisi\u00f3n completa. Despu\u00e9s de eso, imx_uart_stop_tx abandona una transmisi\u00f3n incompleta, para ser reactivada por la interrupci\u00f3n de TC. Esta interrupci\u00f3n est\u00e1 deshabilitada y, por lo tanto, la m\u00e1quina de estados tx nunca sale de ENVIAR. La m\u00e1quina de estados ahora est\u00e1 en punto muerto y TX_EN permanece bajo, lo que hace que la interfaz sea in\u00fatil. imx_uart_stop_tx ahora verifica si hay transmisiones incompletas Y si las interrupciones TC est\u00e1n habilitadas antes de volver a activar el rescate. Esto garantiza que se alcance el estado de manejo de la m\u00e1quina y que est\u00e9 configurado correctamente en WAIT_AFTER_SEND.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-667\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.9.0\",\"versionEndExcluding\":\"5.10.209\",\"matchCriteriaId\":\"CDB2CF71-A47E-4390-B675-6597A78D6ADE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11.0\",\"versionEndExcluding\":\"5.15.148\",\"matchCriteriaId\":\"E25E1389-4B0F-407A-9C94-5908FF3EE88B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16.0\",\"versionEndExcluding\":\"6.1.75\",\"matchCriteriaId\":\"2C4951FA-80C0-4B4C-9836-6E5035DEB0F9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2.0\",\"versionEndExcluding\":\"6.6.14\",\"matchCriteriaId\":\"BDBBEB0E-D13A-4567-8984-51C5375350B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7.0\",\"versionEndExcluding\":\"6.7.2\",\"matchCriteriaId\":\"0EA3778C-730B-464C-8023-18CA6AC0B807\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/63ee7be01a3f7d28b1ea8b8d7944f12bb7b0ed06\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6e04a9d30509fb53ba6df5d655ed61d607a7cfda\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/763cd68746317b5d746dc2649a3295c1efb41181\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/78d60dae9a0c9f09aa3d6477c94047df2fe6f7b0\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/9a662d06c22ddfa371958c2071dc350436be802b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/ff168d4fdb0e1ba35fb413a749b3d6cce918ec19\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/63ee7be01a3f7d28b1ea8b8d7944f12bb7b0ed06\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6e04a9d30509fb53ba6df5d655ed61d607a7cfda\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/763cd68746317b5d746dc2649a3295c1efb41181\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/78d60dae9a0c9f09aa3d6477c94047df2fe6f7b0\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/9a662d06c22ddfa371958c2071dc350436be802b\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/ff168d4fdb0e1ba35fb413a749b3d6cce918ec19\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.