Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

CVE-2023-53098

Severity CVSS v4.0:
Pending analysis
Type:
CWE-476 NULL Pointer Dereference
Publication date:
02/05/2025
Last modified:
12/11/2025

Description

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> media: rc: gpio-ir-recv: add remove function<br /> <br /> In case runtime PM is enabled, do runtime PM clean up to remove<br /> cpu latency qos request, otherwise driver removal may have below<br /> kernel dump:<br /> <br /> [ 19.463299] Unable to handle kernel NULL pointer dereference at<br /> virtual address 0000000000000048<br /> [ 19.472161] Mem abort info:<br /> [ 19.474985] ESR = 0x0000000096000004<br /> [ 19.478754] EC = 0x25: DABT (current EL), IL = 32 bits<br /> [ 19.484081] SET = 0, FnV = 0<br /> [ 19.487149] EA = 0, S1PTW = 0<br /> [ 19.490361] FSC = 0x04: level 0 translation fault<br /> [ 19.495256] Data abort info:<br /> [ 19.498149] ISV = 0, ISS = 0x00000004<br /> [ 19.501997] CM = 0, WnR = 0<br /> [ 19.504977] user pgtable: 4k pages, 48-bit VAs, pgdp=0000000049f81000<br /> [ 19.511432] [0000000000000048] pgd=0000000000000000,<br /> p4d=0000000000000000<br /> [ 19.518245] Internal error: Oops: 0000000096000004 [#1] PREEMPT SMP<br /> [ 19.524520] Modules linked in: gpio_ir_recv(+) rc_core [last<br /> unloaded: rc_core]<br /> [ 19.531845] CPU: 0 PID: 445 Comm: insmod Not tainted<br /> 6.2.0-rc1-00028-g2c397a46d47c #72<br /> [ 19.531854] Hardware name: FSL i.MX8MM EVK board (DT)<br /> [ 19.531859] pstate: 80000005 (Nzcv daif -PAN -UAO -TCO -DIT -SSBS<br /> BTYPE=--)<br /> [ 19.551777] pc : cpu_latency_qos_remove_request+0x20/0x110<br /> [ 19.557277] lr : gpio_ir_recv_runtime_suspend+0x18/0x30<br /> [gpio_ir_recv]<br /> [ 19.557294] sp : ffff800008ce3740<br /> [ 19.557297] x29: ffff800008ce3740 x28: 0000000000000000 x27:<br /> ffff800008ce3d50<br /> [ 19.574270] x26: ffffc7e3e9cea100 x25: 00000000000f4240 x24:<br /> ffffc7e3f9ef0e30<br /> [ 19.574284] x23: 0000000000000000 x22: ffff0061803820f4 x21:<br /> 0000000000000008<br /> [ 19.574296] x20: ffffc7e3fa75df30 x19: 0000000000000020 x18:<br /> ffffffffffffffff<br /> [ 19.588570] x17: 0000000000000000 x16: ffffc7e3f9efab70 x15:<br /> ffffffffffffffff<br /> [ 19.595712] x14: ffff800008ce37b8 x13: ffff800008ce37aa x12:<br /> 0000000000000001<br /> [ 19.602853] x11: 0000000000000001 x10: ffffcbe3ec0dff87 x9 :<br /> 0000000000000008<br /> [ 19.609991] x8 : 0101010101010101 x7 : 0000000000000000 x6 :<br /> 000000000f0bfe9f<br /> [ 19.624261] x5 : 00ffffffffffffff x4 : 0025ab8e00000000 x3 :<br /> ffff006180382010<br /> [ 19.631405] x2 : ffffc7e3e9ce8030 x1 : ffffc7e3fc3eb810 x0 :<br /> 0000000000000020<br /> [ 19.638548] Call trace:<br /> [ 19.640995] cpu_latency_qos_remove_request+0x20/0x110<br /> [ 19.646142] gpio_ir_recv_runtime_suspend+0x18/0x30 [gpio_ir_recv]<br /> [ 19.652339] pm_generic_runtime_suspend+0x2c/0x44<br /> [ 19.657055] __rpm_callback+0x48/0x1dc<br /> [ 19.660807] rpm_callback+0x6c/0x80<br /> [ 19.664301] rpm_suspend+0x10c/0x640<br /> [ 19.667880] rpm_idle+0x250/0x2d0<br /> [ 19.671198] update_autosuspend+0x38/0xe0<br /> [ 19.675213] pm_runtime_set_autosuspend_delay+0x40/0x60<br /> [ 19.680442] gpio_ir_recv_probe+0x1b4/0x21c [gpio_ir_recv]<br /> [ 19.685941] platform_probe+0x68/0xc0<br /> [ 19.689610] really_probe+0xc0/0x3dc<br /> [ 19.693189] __driver_probe_device+0x7c/0x190<br /> [ 19.697550] driver_probe_device+0x3c/0x110<br /> [ 19.701739] __driver_attach+0xf4/0x200<br /> [ 19.705578] bus_for_each_dev+0x70/0xd0<br /> [ 19.709417] driver_attach+0x24/0x30<br /> [ 19.712998] bus_add_driver+0x17c/0x240<br /> [ 19.716834] driver_register+0x78/0x130<br /> [ 19.720676] __platform_driver_register+0x28/0x34<br /> [ 19.725386] gpio_ir_recv_driver_init+0x20/0x1000 [gpio_ir_recv]<br /> [ 19.731404] do_one_initcall+0x44/0x2ac<br /> [ 19.735243] do_init_module+0x48/0x1d0<br /> [ 19.739003] load_module+0x19fc/0x2034<br /> [ 19.742759] __do_sys_finit_module+0xac/0x12c<br /> [ 19.747124] __arm64_sys_finit_module+0x20/0x30<br /> [ 19.751664] invoke_syscall+0x48/0x114<br /> [ 19.755420] el0_svc_common.constprop.0+0xcc/0xec<br /> [ 19.760132] do_el0_svc+0x38/0xb0<br /> [ 19.763456] el0_svc+0x2c/0x84<br /> [ 19.766516] el0t_64_sync_handler+0xf4/0x120<br /> [ 19.770789] el0t_64_sync+0x190/0x194<br /> [ 19.774460] Code: 910003fd a90153f3 aa0003f3 91204021 (f9401400)<br /> [ 19.780556] ---[ end trace 0000000000000000 ]---

Impact

Vector 3.x
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS v3.1 Severity and Metrics:

Base Score: 5.50 MEDIUM
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope (S): Unchanged
Confidentiality (C): None
Integrity (I): None
Availability (A): High

Base Score 3.x
5.50
Severity 3.x
MEDIUM

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 5.10.175 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 5.11 (including) 5.15.103 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 5.16 (including) 6.1.20 (excluding)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* 6.2 (including) 6.2.7 (excluding)

To consult the complete list of CPE names with products and versions, see this page


References to Advisories, Solutions, and Tools