CVE-2023-52645

CVSS v3.1 4.7 (Medium)

EPSS 0.04 % (5^th)

Affected Products 1

Advisories 21

NVD Status Analyzed

In the Linux kernel, the following vulnerability has been resolved:

pmdomain: mediatek: fix race conditions with genpd

If the power domains are registered first with genpd and after that
the driver attempts to power them on in the probe sequence, then it is
possible that a race condition occurs if genpd tries to power them on
in the same time.
The same is valid for powering them off before unregistering them
from genpd.
Attempt to fix race conditions by first removing the domains from genpd
and after that powering down domains.
Also first power up the domains and after that register them
to genpd.

Weaknesses

CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CVE Status: PUBLISHED
NVD Status: Analyzed
CNA: kernel.org
Published Date: 2024-04-17 16:15:07
(5 months ago)
Updated Date: 2024-04-29 19:13:16
(4 months ago)

Affected Products

Linux

Linux Kernel

Configuration #1

	CPE23	From	Up To
Linux Kernel from 5.11 version and prior 5.15.150 version	cpe:2.3:o:linux:linux_kernel	>= 5.11	< 5.15.150
Linux Kernel from 5.16 version and prior 6.1.80 version	cpe:2.3:o:linux:linux_kernel	>= 5.16	< 6.1.80
Linux Kernel from 6.2 version and prior 6.6.18 version	cpe:2.3:o:linux:linux_kernel	>= 6.2	< 6.6.18
Linux Kernel from 6.7 version and prior 6.7.6 version	cpe:2.3:o:linux:linux_kernel	>= 6.7	< 6.7.6