CVE-2024-53053

MEDIUM EPSS 7.1%
Published Nov 19, 20241y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Nov 19, 2024 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix another deadlock during RTC update If ufshcd_rtc_work calls ufshcd_rpm_put_sync() and the pm's usage_count is 0, we will enter the runtime suspend callback. However, the runtime suspend callback will wait to flush ufshcd_rtc_work, causing a deadlock. Replace ufshcd_rpm_put_sync() with ufshcd_rpm_put() to avoid the deadlock.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
7.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-667

Affected Products 6

VendorProductVersionRange
linuxlinux_kernel*≥6.8  –  <6.11.7
linuxlinux_kernel6.12any
linuxlinux_kernel6.12any
linuxlinux_kernel6.12any
linuxlinux_kernel6.12any
linuxlinux_kernel6.12any

References 3

  • git.kernel.org https://git.kernel.org/stable/c/9aa1f0da237d6b16e36e0a0cc9f746d1d78396ed
  • git.kernel.org https://git.kernel.org/stable/c/a128cfec44709ab1bd1f01d158569bcb2386f54f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cb7e509c4e0197f63717fee54fb41c4990ba8d3a
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/a128cfec44709ab1bd1f01d158569bcb2386f54f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cb7e509c4e0197f63717fee54fb41c4990ba8d3a
    Patch