CVE-2023-52791
i2c: core: Run atomic i2c xfer when !preemptible
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel, the following vulnerability has been resolved:
i2c: core: Run atomic i2c xfer when !preemptible
Since bae1d3a05a8b, i2c transfers are non-atomic if preemption is
disabled. However, non-atomic i2c transfers require preemption (e.g. in
wait_for_completion() while waiting for the DMA).
panic() calls preempt_disable_notrace() before calling
emergency_restart(). Therefore, if an i2c device is used for the
restart, the xfer should be atomic. This avoids warnings like:
[ 12.667612] WARNING: CPU: 1 PID: 1 at kernel/rcu/tree_plugin.h:318 rcu_note_context_switch+0x33c/0x6b0
[ 12.676926] Voluntary context switch within RCU read-side critical section!
...
[ 12.742376] schedule_timeout from wait_for_completion_timeout+0x90/0x114
[ 12.749179] wait_for_completion_timeout from tegra_i2c_wait_completion+0x40/0x70
...
[ 12.994527] atomic_notifier_call_chain from machine_restart+0x34/0x58
[ 13.001050] machine_restart from panic+0x2a8/0x32c
Use !preemptible() instead, which is basically the same check as
pre-v5.2.
En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: i2c: core: ejecute atomic i2c xfer cuando !preemptible. Desde bae1d3a05a8b, las transferencias i2c no son atómicas si la preferencia está deshabilitada. Sin embargo, las transferencias i2c no atómicas requieren preferencia (por ejemplo, en wait_for_completion() mientras se espera el DMA). pánico() llama a preempt_disable_notrace() antes de llamar a emergence_restart(). Por lo tanto, si se utiliza un dispositivo i2c para el reinicio, el xfer debe ser atómico. Esto evita advertencias como: [12.667612] ADVERTENCIA: CPU: 1 PID: 1 en kernel/rcu/tree_plugin.h:318 rcu_note_context_switch+0x33c/0x6b0 [12.676926] ¡Cambio de contexto voluntario dentro de la sección crítica del lado de lectura de RCU! ... [12.742376] Schedule_timeout de wait_for_completion_timeout+0x90/0x114 [12.749179] wait_for_completion_timeout de tegra_i2c_wait_completion+0x40/0x70 ... [12.994527] atomic_notifier_call_chain de machine_restart+0x34/0x58 13.001050] machine_restart desde panic+0x2a8/0x32c Utilice !preemptible( ) en su lugar, que es básicamente la misma verificación que la versión anterior a la v5.2.
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2024-05-21 CVE Reserved
- 2024-05-21 CVE Published
- 2024-05-22 EPSS Updated
- 2024-12-19 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-459: Incomplete Cleanup
CAPEC
References (10)
URL | Tag | Source |
---|---|---|
https://git.kernel.org/stable/c/bae1d3a05a8b99bd748168bbf8155a1d047c562e | Vuln. Introduced |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://access.redhat.com/security/cve/CVE-2023-52791 | 2024-11-12 | |
https://bugzilla.redhat.com/show_bug.cgi?id=2282763 | 2024-11-12 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.2 < 5.4.262 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.2 < 5.4.262" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.2 < 5.10.202 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.2 < 5.10.202" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.2 < 5.15.140 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.2 < 5.15.140" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.2 < 6.1.64 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.2 < 6.1.64" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.2 < 6.5.13 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.2 < 6.5.13" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.2 < 6.6.3 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.2 < 6.6.3" | en |
Affected
| ||||||
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 5.2 < 6.7 Search vendor "Linux" for product "Linux Kernel" and version " >= 5.2 < 6.7" | en |
Affected
|