CVE-2023-53242

thermal/drivers/hisi: Drop second sensor hi3660

Severity Score

7.1

*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/hisi: Drop second sensor hi3660 The commit 74c8e6bffbe1 ("driver core: Add __alloc_size hint to devm
allocators") exposes a panic "BRK handler: Fatal exception" on the
hi3660_thermal_probe funciton.
This is because the function allocates memory for only one
sensors array entry, but tries to fill up a second one. Fix this by removing the unneeded second access.

In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/hisi: Drop second sensor hi3660 The commit 74c8e6bffbe1 ("driver core: Add __alloc_size hint to devm allocators") exposes a panic "BRK handler: Fatal exception" on the hi3660_thermal_probe funciton. This is because the function allocates memory for only one sensors array entry, but tries to fill up a second one. Fix this by removing the unneeded second access.

This update provides the initial livepatch for this kernel update. This update does not contain any fixes and will be updated with livepatches later.

*Credits: N/A

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

High

Attack Vector

Local

Attack Complexity

Low

Authentication

Single

Confidentiality

Complete

Integrity

None

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2025-09-15 CVE Reserved
2025-09-15 CVE Published
2025-09-15 CVE Updated
2025-10-17 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (7)

URL	Tag	Source
https://git.kernel.org/stable/c/7d3a2a2bbadb4bf5856ed394ba09b8fbb7a80460	Vuln. Introduced

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/3cf2181e438f43ed24e12424fe36d156cca233b9	2023-03-11
https://git.kernel.org/stable/c/e02bc492883abf751fd1a8d89fc025fbce6744c6	2023-03-11
https://git.kernel.org/stable/c/f5aaf140ab1c02889c088e1b1098adad600541af	2023-03-10
https://git.kernel.org/stable/c/9f6756cd09889c7201ee31e6f76fbd914fb0b80d	2023-03-10
https://git.kernel.org/stable/c/68e675a9b69cfc34dd915d91a4650e3ee53421f4	2023-03-10
https://git.kernel.org/stable/c/15cc25829a97c3957e520e971868aacc84341317	2023-02-15

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.20 < 5.4.235 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 5.4.235"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.20 < 5.10.173 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 5.10.173"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.20 < 5.15.99 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 5.15.99"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.20 < 6.1.16 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 6.1.16"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.20 < 6.2.3 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 6.2.3"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.20 < 6.3 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.20 < 6.3"		en		Affected