{ "threat_severity" : "Low", "public_date" : "2025-09-16T00:00:00Z", "bugzilla" : { "description" : "kernel: Linux kernel: Denial of Service in the cdns3 USB driver due to improper spin lock handling", "id" : "2395698", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2395698" }, "cvss3" : { "cvss3_base_score" : "5.5", "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status" : "verified" }, "cwe" : "CWE-663", "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nusb: cdns3: Put the cdns set active part outside the spin lock\nThe device may be scheduled during the resume process,\nso this cannot appear in atomic operations. Since\npm_runtime_set_active will resume suppliers, put set\nactive outside the spin lock, which is only used to\nprotect the struct cdns data structure, otherwise the\nkernel will report the following warning:\nBUG: sleeping function called from invalid context at drivers/base/power/runtime.c:1163\nin_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 651, name: sh\npreempt_count: 1, expected: 0\nRCU nest depth: 0, expected: 0\nCPU: 0 PID: 651 Comm: sh Tainted: G WC 6.1.20 #1\nHardware name: Freescale i.MX8QM MEK (DT)\nCall trace:\ndump_backtrace.part.0+0xe0/0xf0\nshow_stack+0x18/0x30\ndump_stack_lvl+0x64/0x80\ndump_stack+0x1c/0x38\n__might_resched+0x1fc/0x240\n__might_sleep+0x68/0xc0\n__pm_runtime_resume+0x9c/0xe0\nrpm_get_suppliers+0x68/0x1b0\n__pm_runtime_set_status+0x298/0x560\ncdns_resume+0xb0/0x1c0\ncdns3_controller_resume.isra.0+0x1e0/0x250\ncdns3_plat_resume+0x28/0x40", "A flaw was found in the Linux kernel's cdns3 USB driver. During the device resume process, the pm_runtime_set_active function was incorrectly called from within a spin lock, which is an atomic operation. This improper handling can lead to a system crash, resulting in a Denial of Service (DoS). A local attacker could potentially trigger this condition." ], "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2025-05-13T00:00:00Z", "advisory" : "RHSA-2025:6966", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "kernel-0:5.14.0-570.12.1.el9_6" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2025-05-13T00:00:00Z", "advisory" : "RHSA-2025:6966", "cpe" : "cpe:/o:redhat:enterprise_linux:9", "package" : "kernel-0:5.14.0-570.12.1.el9_6" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Not affected", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Fix deferred", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:9" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2023-53287\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-53287\nhttps://lore.kernel.org/linux-cve-announce/2025091625-CVE-2023-53287-d8cd@gregkh/T" ], "name" : "CVE-2023-53287", "csaw" : false }