CVE-2023-53475

Severity: MEDIUM · EPSS 4.2%
Published Oct 1, 2025 · Modified Jun 17, 2026
CVSS 3.1: 5.5 (Medium)

Description

In the Linux kernel, the following vulnerability has been resolved:

usb: xhci: tegra: fix sleep in atomic call

When we set the dual-role port to Host mode, we observed the following splat:

[ 167.057718] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:229
[ 167.057872] Workqueue: events tegra_xusb_usb_phy_work
[ 167.057954] Call trace:
[ 167.057962] dump_backtrace+0x0/0x210
[ 167.057996] show_stack+0x30/0x50
[ 167.058020] dump_stack_lvl+0x64/0x84
[ 167.058065] dump_stack+0x14/0x34
[ 167.058100] __might_resched+0x144/0x180
[ 167.058140] __might_sleep+0x64/0xd0
[ 167.058171] slab_pre_alloc_hook.constprop.0+0xa8/0x110
[ 167.058202] __kmalloc_track_caller+0x74/0x2b0
[ 167.058233] kvasprintf+0xa4/0x190
[ 167.058261] kasprintf+0x58/0x90
[ 167.058285] tegra_xusb_find_port_node.isra.0+0x58/0xd0
[ 167.058334] tegra_xusb_find_port+0x38/0xa0
[ 167.058380] tegra_xusb_padctl_get_usb3_companion+0x38/0xd0
[ 167.058430] tegra_xhci_id_notify+0x8c/0x1e0
[ 167.058473] notifier_call_chain+0x88/0x100
[ 167.058506] atomic_notifier_call_chain+0x44/0x70
[ 167.058537] tegra_xusb_usb_phy_work+0x60/0xd0
[ 167.058581] process_one_work+0x1dc/0x4c0
[ 167.058618] worker_thread+0x54/0x410
[ 167.058650] kthread+0x188/0x1b0
[ 167.058672] ret_from_fork+0x10/0x20

The function tegra_xusb_padctl_get_usb3_companion eventually calls tegra_xusb_find_port and this in turn calls kasprintf which might sleep and so cannot be called from an atomic context.

Fix this by moving the call to tegra_xusb_padctl_get_usb3_companion to the tegra_xhci_id_work function where it is really needed.
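To check collected kernel logs for this specific splat, the following added example (not part of the CVE record or the kernel patch) parses "sleeping function called from invalid context" reports and flags those whose call trace shows the ID notifier reaching the port lookup from an atomic notifier chain. The sample log is constructed: an abridged copy of the trace above plus an unrelated report with hypothetical example_driver_* frames; the function name find_splats and the choice of signature frames are assumptions of this example.

```python
import re

# Constructed sample: abridged splat from the description, one unrelated
# line, and a second report from a hypothetical driver.
SAMPLE_LOG = """\
[ 167.057718] BUG: sleeping function called from invalid context at include/linux/sched/mm.h:229
[ 167.057872] Workqueue: events tegra_xusb_usb_phy_work
[ 167.057954] Call trace:
[ 167.058261] kasprintf+0x58/0x90
[ 167.058285] tegra_xusb_find_port_node.isra.0+0x58/0xd0
[ 167.058380] tegra_xusb_padctl_get_usb3_companion+0x38/0xd0
[ 167.058430] tegra_xhci_id_notify+0x8c/0x1e0
[ 167.058506] atomic_notifier_call_chain+0x44/0x70
[ 170.000001] usb 1-1: new high-speed USB device number 2
[ 200.000002] BUG: sleeping function called from invalid context at drivers/example/example.c:42
[ 200.000003] Call trace:
[ 200.000004] example_driver_lock+0x20/0x60
[ 200.000005] example_driver_irq+0x10/0x40
"""

STAMP = re.compile(r"^\[\s*\d+\.\d+\]\s?")   # dmesg timestamp prefix
HEAD = "BUG: sleeping function called from invalid context"
FRAME = re.compile(r"^\s*\??\s*([A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+")
# Frames taken from the trace in the description: the notifier calling the
# companion-port lookup while inside an atomic notifier chain.
SIGNATURE = {"tegra_xhci_id_notify", "tegra_xusb_padctl_get_usb3_companion",
             "atomic_notifier_call_chain"}

def find_splats(log_text):
    """Return one dict per sleeping-in-atomic report found in log_text."""
    reports, current, in_trace = [], None, False
    for raw in log_text.splitlines():
        line = STAMP.sub("", raw)
        if line.startswith(HEAD):
            current = {"where": line.split(" at ", 1)[-1], "frames": []}
            reports.append(current)
            in_trace = False
        elif current is not None and line.strip() == "Call trace:":
            in_trace = True
        elif in_trace:
            m = FRAME.match(line)
            if m:
                current["frames"].append(m.group(1))
            else:
                current, in_trace = None, False   # first non-frame line ends the trace
    for r in reports:
        r["matches_cve"] = SIGNATURE <= set(r["frames"])
    return reports
```

Reports with matches_cve set point at a host still running an unpatched kernel from the affected ranges; other sleeping-in-atomic reports are returned too but left unflagged.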

CVSS Details

Base Score: 5.5
Exploitability: 1.8
Impact: 3.6
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Threat Intelligence

EPSS Exploit Probability
4.2% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 9

Vendor  Product       Version  Range
linux   linux_kernel  *        ≥5.7 – <5.10.178
linux   linux_kernel  *        ≥5.11 – <5.15.107
linux   linux_kernel  *        ≥5.16 – <6.1.24
linux   linux_kernel  *        ≥6.2 – <6.2.11
linux   linux_kernel  6.3      any
linux   linux_kernel  6.3      any
linux   linux_kernel  6.3      any
linux   linux_kernel  6.3      any
linux   linux_kernel  6.3      any

References 5

  • git.kernel.org https://git.kernel.org/stable/c/1122474b757a5dd8b2b50008a97f33cdb10dff6e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/130c61c516cd0684282a8f6ab163281d60642fc5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1fe6015aa92cc0dfd875c1d3c7c1750a1b0767d9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4c7f9d2e413dc06a157c4e5dccde84aaf4655eb3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b4b4f17aa46c025da77aed5133b08971959c9684
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/1122474b757a5dd8b2b50008a97f33cdb10dff6e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/130c61c516cd0684282a8f6ab163281d60642fc5
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/1fe6015aa92cc0dfd875c1d3c7c1750a1b0767d9
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4c7f9d2e413dc06a157c4e5dccde84aaf4655eb3
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b4b4f17aa46c025da77aed5133b08971959c9684
    Patch