In the Linux kernel, the following vulnerability has been resolved: serial:
sc16is7xx: convert from raw to noinc regmap functions for FIFO The
SC16IS7XX IC supports a burst mode to access the FIFOs where the initial
register address is sent ($00), followed by all the FIFO data without
having to resend the register address each time. In this mode, the IC
doesn’t increment the register address for each R/W byte. The
regmap_raw_read() and regmap_raw_write() are functions which can perform IO
over multiple registers. They are currently used to read/write from/to the
FIFO, and although they operate correctly in this burst mode on the SPI
bus, they would corrupt the regmap cache if it was not disabled manually.
The reason is that when the R/W size is more than 1 byte, these functions
assume that the register address is incremented and handle the cache
accordingly. Convert FIFO R/W functions to use the regmap noinc versions
in order to remove the manual cache control which was a workaround when
using the raw versions. FIFO registers are properly declared as volatile
so cache will not be used/updated for FIFO accesses.
Author | Note |
---|---|
rodrigo-zaiden | USN-6765-1 for linux-oem-6.5 wrongly stated that this CVE was fixed in version 6.5.0-1022.23. The mentioned notice was revoked and the state of the fix for linux-oem-6.5 was recovered to the previous state. |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 20.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux | < 5.15.0-116.126 | UNKNOWN |
ubuntu | 23.10 | noarch | linux | < 6.5.0-41.41 | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws | < 5.15.0-1065.71 | UNKNOWN |
ubuntu | 23.10 | noarch | linux-aws | < 6.5.0-1021.21 | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws-5.15 | < 5.15.0-1065.71~20.04.1 | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws-6.5 | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-azure | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-azure | < 5.15.0-1068.77 | UNKNOWN |
git.kernel.org/linus/dbf4ab821804df071c8b566d9813083125e6d97b (6.8-rc1)
git.kernel.org/stable/c/084c24e788d9cf29c55564de368bf5284f2bb5db
git.kernel.org/stable/c/416b10d2817c94db86829fb92ad43ce7d002c573
git.kernel.org/stable/c/aa7cb4787698add9367b19f7afc667662c9bdb23
git.kernel.org/stable/c/dbf4ab821804df071c8b566d9813083125e6d97b
launchpad.net/bugs/cve/CVE-2023-52488
nvd.nist.gov/vuln/detail/CVE-2023-52488
security-tracker.debian.org/tracker/CVE-2023-52488
ubuntu.com/security/notices/USN-6818-1
ubuntu.com/security/notices/USN-6818-2
ubuntu.com/security/notices/USN-6818-3
ubuntu.com/security/notices/USN-6818-4
ubuntu.com/security/notices/USN-6819-1
ubuntu.com/security/notices/USN-6819-2
ubuntu.com/security/notices/USN-6819-3
ubuntu.com/security/notices/USN-6819-4
ubuntu.com/security/notices/USN-6898-1
ubuntu.com/security/notices/USN-6898-2
ubuntu.com/security/notices/USN-6898-3
ubuntu.com/security/notices/USN-6898-4
ubuntu.com/security/notices/USN-6917-1
ubuntu.com/security/notices/USN-6919-1
ubuntu.com/security/notices/USN-6927-1
www.cve.org/CVERecord?id=CVE-2023-52488