{
  "threat_severity" : "Low",
  "public_date" : "2025-12-09T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: ASoC: soc-compress: Reposition and add pcm_mutex",
    "id" : "2420336",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2420336"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-820",
  "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nASoC: soc-compress: Reposition and add pcm_mutex\nIf panic_on_warn is set and compress stream(DPCM) is started,\nthen kernel panic occurred because card->pcm_mutex isn't held appropriately.\nIn the following functions, warning were issued at this line\n\"snd_soc_dpcm_mutex_assert_held\".\nstatic int dpcm_be_connect(struct snd_soc_pcm_runtime *fe,\nstruct snd_soc_pcm_runtime *be, int stream)\n{\n...\nsnd_soc_dpcm_mutex_assert_held(fe);\n...\n}\nvoid dpcm_be_disconnect(struct snd_soc_pcm_runtime *fe, int stream)\n{\n...\nsnd_soc_dpcm_mutex_assert_held(fe);\n...\n}\nvoid snd_soc_runtime_action(struct snd_soc_pcm_runtime *rtd,\nint stream, int action)\n{\n...\nsnd_soc_dpcm_mutex_assert_held(rtd);\n...\n}\nint dpcm_dapm_stream_event(struct snd_soc_pcm_runtime *fe, int dir,\nint event)\n{\n...\nsnd_soc_dpcm_mutex_assert_held(fe);\n...\n}\nThese functions are called by soc_compr_set_params_fe, soc_compr_open_fe\nand soc_compr_free_fe\nwithout pcm_mutex locking. And this is call stack.\n[  414.527841][ T2179] pc : dpcm_process_paths+0x5a4/0x750\n[  414.527848][ T2179] lr : dpcm_process_paths+0x37c/0x750\n[  414.527945][ T2179] Call trace:\n[  414.527949][ T2179]  dpcm_process_paths+0x5a4/0x750\n[  414.527955][ T2179]  soc_compr_open_fe+0xb0/0x2cc\n[  414.527972][ T2179]  snd_compr_open+0x180/0x248\n[  414.527981][ T2179]  snd_open+0x15c/0x194\n[  414.528003][ T2179]  chrdev_open+0x1b0/0x220\n[  414.528023][ T2179]  do_dentry_open+0x30c/0x594\n[  414.528045][ T2179]  vfs_open+0x34/0x44\n[  414.528053][ T2179]  path_openat+0x914/0xb08\n[  414.528062][ T2179]  do_filp_open+0xc0/0x170\n[  414.528068][ T2179]  do_sys_openat2+0x94/0x18c\n[  414.528076][ T2179]  __arm64_sys_openat+0x78/0xa4\n[  414.528084][ T2179]  invoke_syscall+0x48/0x10c\n[  414.528094][ T2179]  el0_svc_common+0xbc/0x104\n[  414.528099][ T2179]  do_el0_svc+0x34/0xd8\n[  414.528103][ T2179]  el0_svc+0x34/0xc4\n[  414.528125][ T2179]  el0t_64_sync_handler+0x8c/0xfc\n[  414.528133][ T2179]  el0t_64_sync+0x1a0/0x1a4\n[  414.528142][ T2179] Kernel panic - not syncing: panic_on_warn set ...\nSo, I reposition and add pcm_mutex to resolve lockdep error.", "A locking issue was found in the ASoC (ALSA SoC) compressed audio subsystem in the Linux kernel. When DPCM (Dynamic PCM) compressed streams are started, several functions access resources without properly holding the card->pcm_mutex lock. This triggers lock assertion warnings and can cause kernel panics if panic_on_warn is enabled." ],
  "statement" : "This is a locking issue in the ASoC compressed audio subsystem that causes warnings and potential panics. The impact is primarily on systems using compressed audio with DPCM routing and panic_on_warn enabled.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2023-11-14T00:00:00Z",
    "advisory" : "RHSA-2023:7077",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "kernel-0:4.18.0-513.5.1.el8_9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2023-11-07T00:00:00Z",
    "advisory" : "RHSA-2023:6583",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-362.8.1.el9_3"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2023-11-07T00:00:00Z",
    "advisory" : "RHSA-2023:6583",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-362.8.1.el9_3"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Fix deferred",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Fix deferred",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Fix deferred",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Fix deferred",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2023-53866\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-53866\nhttps://lore.kernel.org/linux-cve-announce/2025120907-CVE-2023-53866-59ec@gregkh/T" ],
  "name" : "CVE-2023-53866",
  "csaw" : false
}