CVE-2023-53287

Severity: MEDIUM · CVSS 3.1: 5.5 · EPSS 3.3%
Published Sep 16, 2025 (9mo ago) · Last Modified Jun 17, 2026 (2w ago)

Description

In the Linux kernel, the following vulnerability has been resolved:

usb: cdns3: Put the cdns set active part outside the spin lock

The device may be scheduled during the resume process, so this cannot appear in atomic operations. Since pm_runtime_set_active will resume suppliers, put set active outside the spin lock, which is only used to protect the struct cdns data structure, otherwise the kernel will report the following warning:

    BUG: sleeping function called from invalid context at drivers/base/power/runtime.c:1163
    in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 651, name: sh
    preempt_count: 1, expected: 0
    RCU nest depth: 0, expected: 0
    CPU: 0 PID: 651 Comm: sh Tainted: G WC 6.1.20 #1
    Hardware name: Freescale i.MX8QM MEK (DT)
    Call trace:
     dump_backtrace.part.0+0xe0/0xf0
     show_stack+0x18/0x30
     dump_stack_lvl+0x64/0x80
     dump_stack+0x1c/0x38
     __might_resched+0x1fc/0x240
     __might_sleep+0x68/0xc0
     __pm_runtime_resume+0x9c/0xe0
     rpm_get_suppliers+0x68/0x1b0
     __pm_runtime_set_status+0x298/0x560
     cdns_resume+0xb0/0x1c0
     cdns3_controller_resume.isra.0+0x1e0/0x250
     cdns3_plat_resume+0x28/0x40
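A log triage sketch for the warning quoted in the description, added here as an example and not taken from the kernel patch or this page: it scans kernel log text for "sleeping function called from invalid context" reports whose call trace passes through cdns_resume and __pm_runtime_set_status. The function names, the sample log, its timestamps and the second (non-matching) report are constructed for illustration.

```python
import re

BUG_RE = re.compile(r"BUG: sleeping function called from invalid context at (\S+)")
CTX_RE = re.compile(r"in_atomic\(\): (\d+).*?pid: (\d+), name: (\S+)")
# A call-trace frame such as "cdns_resume+0xb0/0x1c0", with an optional dmesg timestamp.
FRAME_RE = re.compile(r"^\s*(?:\[[^\]]*\]\s*)?([A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+")
# Frames taken from the trace in the description, innermost first.
SIGNATURE = ("__might_sleep", "__pm_runtime_set_status", "cdns_resume")

def _in_order(frames, wanted):
    it = iter(frames)  # subsequence test: order matters, gaps are allowed
    return all(w in it for w in wanted)

def find_cdns3_atomic_sleep(log_text):
    """Return the 'sleeping function' reports whose call trace contains SIGNATURE."""
    reports, cur = [], None
    for line in log_text.splitlines():
        if (m := BUG_RE.search(line)):
            cur = {"site": m[1], "in_atomic": None, "pid": None, "comm": None, "frames": []}
            reports.append(cur)
        elif cur is None:
            continue
        elif (m := CTX_RE.search(line)):
            cur["in_atomic"], cur["pid"], cur["comm"] = int(m[1]), int(m[2]), m[3]
        elif (m := FRAME_RE.match(line)):
            cur["frames"].append(m[1])
    return [r for r in reports if _in_order(r["frames"], SIGNATURE)]

# Constructed sample: the first report reuses lines quoted in the description (timestamps
# added); the second is an invented, unrelated report that must not match.
SAMPLE_LOG = """\
[  101.000000] BUG: sleeping function called from invalid context at drivers/base/power/runtime.c:1163
[  101.000001] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 651, name: sh
[  101.000002] Call trace:
[  101.000003]  __might_sleep+0x68/0xc0
[  101.000004]  __pm_runtime_resume+0x9c/0xe0
[  101.000005]  rpm_get_suppliers+0x68/0x1b0
[  101.000006]  __pm_runtime_set_status+0x298/0x560
[  101.000007]  cdns_resume+0xb0/0x1c0
[  101.000008]  cdns3_plat_resume+0x28/0x40
[  202.000000] BUG: sleeping function called from invalid context at example/placeholder.c:1
[  202.000001] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 7, name: example
[  202.000002]  __might_sleep+0x68/0xc0
[  202.000003]  example_driver_irq+0x10/0x20
"""

if __name__ == "__main__":
    for hit in find_cdns3_atomic_sleep(SAMPLE_LOG):
        print(f"cdns3 resume-in-atomic warning: pid={hit['pid']} comm={hit['comm']} at {hit['site']}")
```

A match shows the cdns3 resume path ran the set-active step in atomic context on that system; the absence of a match does not show that the running kernel carries the fix.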

CVSS Details

Base Score: 5.5
Exploitability: 1.8
Impact: 3.6
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Threat Intelligence

EPSS Exploit Probability
3.3% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 3

Vendor   Product        Version   Range
linux    linux_kernel   *         ≥5.4 – <5.15.133
linux    linux_kernel   *         ≥5.16 – <6.1.55
linux    linux_kernel   *         ≥6.2 – <6.5.5

References 4

  • git.kernel.org https://git.kernel.org/stable/c/2319b9c87fe243327285f2fefd7374ffd75a65fc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/bbc9c3652708108738009e096d608ece3cd9fa8a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c861a61be6d30538ebcf7fcab1d43f244e298840
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d3f372ec95b89776f72d5c9a475424e27734c223
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/2319b9c87fe243327285f2fefd7374ffd75a65fc
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/bbc9c3652708108738009e096d608ece3cd9fa8a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/c861a61be6d30538ebcf7fcab1d43f244e298840
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/d3f372ec95b89776f72d5c9a475424e27734c223
    Patch