CVE-2023-54096 (GCVE-0-2023-54096)
Vulnerability from cvelistv5
Published
2025-12-24 13:06
Modified
2025-12-24 13:06
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: soundwire: fix enumeration completion The soundwire subsystem uses two completion structures that allow drivers to wait for soundwire device to become enumerated on the bus and initialised by their drivers, respectively. The code implementing the signalling is currently broken as it does not signal all current and future waiters and also uses the wrong reinitialisation function, which can potentially lead to memory corruption if there are still waiters on the queue. Not signalling future waiters specifically breaks sound card probe deferrals as codec drivers can not tell that the soundwire device is already attached when being reprobed. Some codec runtime PM implementations suffer from similar problems as waiting for enumeration during resume can also timeout despite the device already having been enumerated.
References
Impacted products
Vendor Product Version
Linux Linux Version: fb9469e54fa7a7b6a8137c40ae66c41b8d0ab175
Version: fb9469e54fa7a7b6a8137c40ae66c41b8d0ab175
Version: fb9469e54fa7a7b6a8137c40ae66c41b8d0ab175
Version: fb9469e54fa7a7b6a8137c40ae66c41b8d0ab175
Version: fb9469e54fa7a7b6a8137c40ae66c41b8d0ab175
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/soundwire/bus.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "48d1d0ce0782f995fda678508fdae35c5e9593f0",
              "status": "affected",
              "version": "fb9469e54fa7a7b6a8137c40ae66c41b8d0ab175",
              "versionType": "git"
            },
            {
              "lessThan": "a36b522767f3a72688893a472e80c9aa03e67eda",
              "status": "affected",
              "version": "fb9469e54fa7a7b6a8137c40ae66c41b8d0ab175",
              "versionType": "git"
            },
            {
              "lessThan": "e1d54962a63b6ec04ed0204a3ecca942fde3a6fe",
              "status": "affected",
              "version": "fb9469e54fa7a7b6a8137c40ae66c41b8d0ab175",
              "versionType": "git"
            },
            {
              "lessThan": "c5265691cd065464d795de5666dcfb89c26b9bc1",
              "status": "affected",
              "version": "fb9469e54fa7a7b6a8137c40ae66c41b8d0ab175",
              "versionType": "git"
            },
            {
              "lessThan": "c40d6b3249b11d60e09d81530588f56233d9aa44",
              "status": "affected",
              "version": "fb9469e54fa7a7b6a8137c40ae66c41b8d0ab175",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/soundwire/bus.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.7"
            },
            {
              "lessThan": "5.7",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.190",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.126",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.43",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.4.*",
              "status": "unaffected",
              "version": "6.4.8",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.5",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.190",
                  "versionStartIncluding": "5.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.126",
                  "versionStartIncluding": "5.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.43",
                  "versionStartIncluding": "5.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.4.8",
                  "versionStartIncluding": "5.7",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.5",
                  "versionStartIncluding": "5.7",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nsoundwire: fix enumeration completion\n\nThe soundwire subsystem uses two completion structures that allow\ndrivers to wait for soundwire device to become enumerated on the bus and\ninitialised by their drivers, respectively.\n\nThe code implementing the signalling is currently broken as it does not\nsignal all current and future waiters and also uses the wrong\nreinitialisation function, which can potentially lead to memory\ncorruption if there are still waiters on the queue.\n\nNot signalling future waiters specifically breaks sound card probe\ndeferrals as codec drivers can not tell that the soundwire device is\nalready attached when being reprobed. Some codec runtime PM\nimplementations suffer from similar problems as waiting for enumeration\nduring resume can also timeout despite the device already having been\nenumerated."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-24T13:06:23.828Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/48d1d0ce0782f995fda678508fdae35c5e9593f0"
        },
        {
          "url": "https://git.kernel.org/stable/c/a36b522767f3a72688893a472e80c9aa03e67eda"
        },
        {
          "url": "https://git.kernel.org/stable/c/e1d54962a63b6ec04ed0204a3ecca942fde3a6fe"
        },
        {
          "url": "https://git.kernel.org/stable/c/c5265691cd065464d795de5666dcfb89c26b9bc1"
        },
        {
          "url": "https://git.kernel.org/stable/c/c40d6b3249b11d60e09d81530588f56233d9aa44"
        }
      ],
      "title": "soundwire: fix enumeration completion",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-54096",
    "datePublished": "2025-12-24T13:06:23.828Z",
    "dateReserved": "2025-12-24T13:02:52.516Z",
    "dateUpdated": "2025-12-24T13:06:23.828Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-54096\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-12-24T13:16:11.487\",\"lastModified\":\"2025-12-24T13:16:11.487\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nsoundwire: fix enumeration completion\\n\\nThe soundwire subsystem uses two completion structures that allow\\ndrivers to wait for soundwire device to become enumerated on the bus and\\ninitialised by their drivers, respectively.\\n\\nThe code implementing the signalling is currently broken as it does not\\nsignal all current and future waiters and also uses the wrong\\nreinitialisation function, which can potentially lead to memory\\ncorruption if there are still waiters on the queue.\\n\\nNot signalling future waiters specifically breaks sound card probe\\ndeferrals as codec drivers can not tell that the soundwire device is\\nalready attached when being reprobed. Some codec runtime PM\\nimplementations suffer from similar problems as waiting for enumeration\\nduring resume can also timeout despite the device already having been\\nenumerated.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/48d1d0ce0782f995fda678508fdae35c5e9593f0\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/a36b522767f3a72688893a472e80c9aa03e67eda\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/c40d6b3249b11d60e09d81530588f56233d9aa44\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/c5265691cd065464d795de5666dcfb89c26b9bc1\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/e1d54962a63b6ec04ed0204a3ecca942fde3a6fe\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.