CVE-2023-52791

i2c: core: Run atomic i2c xfer when !preemptible

Severity Score

4.4

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

i2c: core: Run atomic i2c xfer when !preemptible

Since bae1d3a05a8b, i2c transfers are non-atomic if preemption is
disabled. However, non-atomic i2c transfers require preemption (e.g. in
wait_for_completion() while waiting for the DMA).

panic() calls preempt_disable_notrace() before calling
emergency_restart(). Therefore, if an i2c device is used for the
restart, the xfer should be atomic. This avoids warnings like:

[ 12.667612] WARNING: CPU: 1 PID: 1 at kernel/rcu/tree_plugin.h:318 rcu_note_context_switch+0x33c/0x6b0
[ 12.676926] Voluntary context switch within RCU read-side critical section!
...
[ 12.742376] schedule_timeout from wait_for_completion_timeout+0x90/0x114
[ 12.749179] wait_for_completion_timeout from tegra_i2c_wait_completion+0x40/0x70
...
[ 12.994527] atomic_notifier_call_chain from machine_restart+0x34/0x58
[ 13.001050] machine_restart from panic+0x2a8/0x32c

Use !preemptible() instead, which is basically the same check as
pre-v5.2.

En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: i2c: core: ejecute atomic i2c xfer cuando !preemptible. Desde bae1d3a05a8b, las transferencias i2c no son atómicas si la preferencia está deshabilitada. Sin embargo, las transferencias i2c no atómicas requieren preferencia (por ejemplo, en wait_for_completion() mientras se espera el DMA). pánico() llama a preempt_disable_notrace() antes de llamar a emergence_restart(). Por lo tanto, si se utiliza un dispositivo i2c para el reinicio, el xfer debe ser atómico. Esto evita advertencias como: [12.667612] ADVERTENCIA: CPU: 1 PID: 1 en kernel/rcu/tree_plugin.h:318 rcu_note_context_switch+0x33c/0x6b0 [12.676926] ¡Cambio de contexto voluntario dentro de la sección crítica del lado de lectura de RCU! ... [12.742376] Schedule_timeout de wait_for_completion_timeout+0x90/0x114 [12.749179] wait_for_completion_timeout de tegra_i2c_wait_completion+0x40/0x70 ... [12.994527] atomic_notifier_call_chain de machine_restart+0x34/0x58 13.001050] machine_restart desde panic+0x2a8/0x32c Utilice !preemptible( ) en su lugar, que es básicamente la misma verificación que la versión anterior a la v5.2.

*Credits: N/A

CVSS Scores

Red Hatv3.1 4.4

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-05-21 CVE Reserved
2024-05-21 CVE Published
2024-05-22 EPSS Updated
2024-08-02 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-459: Incomplete Cleanup

CAPEC

References (10)

URL	Tag	Source
https://git.kernel.org/stable/c/bae1d3a05a8b99bd748168bbf8155a1d047c562e	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/25eb381a736e7ae39a4245ef5c96484eb1073809	2023-11-28
https://git.kernel.org/stable/c/25284c46b657f48c0f3880a2e0706c70d81182c0	2023-11-28
https://git.kernel.org/stable/c/f6237afabc349c1c7909db00e15d2816519e0d2b	2023-11-28
https://git.kernel.org/stable/c/185f3617adc8fe45e40489b458f03911f0dec46c	2023-11-28
https://git.kernel.org/stable/c/8c3fa52a46ff4d208cefb1a462ec94e0043a91e1	2023-11-28
https://git.kernel.org/stable/c/3473cf43b9068b9dfef2f545f833f33c6a544b91	2023-11-28
https://git.kernel.org/stable/c/aa49c90894d06e18a1ee7c095edbd2f37c232d02	2023-07-28

URL	Date	SRC
https://access.redhat.com/security/cve/CVE-2023-52791	2024-08-08
https://bugzilla.redhat.com/show_bug.cgi?id=2282763	2024-08-08

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.2 < 5.4.262 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.2 < 5.4.262"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.2 < 5.10.202 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.2 < 5.10.202"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.2 < 5.15.140 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.2 < 5.15.140"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.2 < 6.1.64 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.2 < 6.1.64"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.2 < 6.5.13 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.2 < 6.5.13"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.2 < 6.6.3 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.2 < 6.6.3"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 5.2 < 6.7 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.2 < 6.7"		en		Affected