Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
vulnrichmentLinuxVULNRICHMENT:CVE-2023-52498
HistoryFeb 29, 2024 - 3:52 p.m.

CVE-2023-52498 PM: sleep: Fix possible deadlocks in core system-wide PM code

2024-02-2915:52:14
Linux
github.com
1
linux kernel
vulnerability
fix
sleep
deadlock
low-memory
asynchronous
mutex

AI Score

6.8

Confidence

Low

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

JSON

In the Linux kernel, the following vulnerability has been resolved:

PM: sleep: Fix possible deadlocks in core system-wide PM code

It is reported that in low-memory situations the system-wide resume core
code deadlocks, because async_schedule_dev() executes its argument
function synchronously if it cannot allocate memory (and not only in
that case) and that function attempts to acquire a mutex that is already
held. Executing the argument function synchronously from within
dpm_async_fn() may also be problematic for ordering reasons (it may
cause a consumer device’s resume callback to be invoked before a
requisite supplier device’s one, for example).

Address this by changing the code in question to use
async_schedule_dev_nocall() for scheduling the asynchronous
execution of device suspend and resume functions and to directly
run them synchronously if async_schedule_dev_nocall() returns false.

Related

nvd 1
ubuntucve 1
redhatcve 1
debiancve 1
prion 1
cvelist 1
cve 1
nessus 32
osv 19
ubuntu 14
openvas 27
slackware 1
debian 1
nvd
nvd
CVE-2023-52498
2024-03-11 18:15:17
ubuntucve
ubuntucve
CVE-2023-52498
2024-03-11 00:00:00
redhatcve
redhatcve
CVE-2023-52498
2024-03-11 21:37:40
debiancve
debiancve
CVE-2023-52498
2024-03-11 18:15:17
prion
prion
Spoofing
2024-03-11 18:15:00
cvelist
cvelist
CVE-2023-52498 PM: sleep: Fix possible deadlocks in core system-wide PM code
2024-02-29 15:52:14
cve
cve
CVE-2023-52498
2024-03-11 18:15:17
nessus
nessus
Amazon Linux 2023 : bpftool, kernel, kernel-devel (ALAS2023-2024-517)
2024-02-20 00:00:00
Amazon Linux 2 : kernel (ALASKERNEL-5.15-2024-039)
2024-03-06 00:00:00
Amazon Linux 2 : kernel (ALASKERNEL-5.10-2024-053)
2024-04-01 00:00:00
osv
osv
linux-aws, linux-aws-5.15 vulnerabilities
2024-05-20 13:05:13
linux, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-ibm, linux-ibm-5.15, linux-kvm, linux-lowlatency, linux-lowlatency-hwe-5.15, linux-nvidia, linux-oracle, linux-oracle-5.15 vulnerabilities
2024-05-07 19:22:43
linux-hwe-5.15, linux-raspi vulnerabilities
2024-05-15 15:15:08
ubuntu
ubuntu
Linux kernel vulnerabilities
2024-05-07 00:00:00
Linux kernel vulnerabilities
2024-05-15 00:00:00
Linux kernel (AWS) vulnerabilities
2024-05-20 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6766-2)
2024-05-16 00:00:00
Ubuntu: Security Advisory (USN-6766-3)
2024-05-21 00:00:00
Ubuntu: Security Advisory (USN-6766-1)
2024-05-08 00:00:00
slackware
slackware
[slackware-security] Slackware 15.0 kernel
2024-06-05 19:11:11
debian
debian
[SECURITY] [DSA 5681-1] linux security update
2024-05-06 18:31:39

AI Score

6.8

Confidence

Low

SSVC

Exploitation

none

Automatable

no

Technical Impact

partial

JSON
Related for VULNRICHMENT:CVE-2023-52498
nvd1ubuntucve1redhatcve1debiancve1prion1cvelist1cve1nessus32osv19ubuntu14openvas27slackware1debian1