{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-53013", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-03-27T16:40:15.749Z", "datePublished": "2025-03-27T16:43:42.437Z", "dateUpdated": "2025-03-27T16:43:42.437Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-03-27T16:43:42.437Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nptdma: pt_core_execute_cmd() should use spinlock\n\nThe interrupt handler (pt_core_irq_handler()) of the ptdma\ndriver can be called from interrupt context. The code flow\nin this function can lead down to pt_core_execute_cmd() which\nwill attempt to grab a mutex, which is not appropriate in\ninterrupt context and ultimately leads to a kernel panic.\nThe fix here changes this mutex to a spinlock, which has\nbeen verified to resolve the issue."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/dma/ptdma/ptdma-dev.c", "drivers/dma/ptdma/ptdma.h"], "versions": [{"version": "fa5d823b16a9442d609617abeec31da8b6afa224", "lessThan": "ed0d8f731e0bf1bb12a7a37698ac613db20e2794", "status": "affected", "versionType": "git"}, {"version": "fa5d823b16a9442d609617abeec31da8b6afa224", "lessThan": "13ba563c2c8055ba8a637c9f70bb833b43cb4207", "status": "affected", "versionType": "git"}, {"version": "fa5d823b16a9442d609617abeec31da8b6afa224", "lessThan": "95e5fda3b5f9ed8239b145da3fa01e641cf5d53c", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/dma/ptdma/ptdma-dev.c", "drivers/dma/ptdma/ptdma.h"], "versions": [{"version": "5.15", "status": "affected"}, {"version": "0", "lessThan": "5.15", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.91", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.9", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.2", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/ed0d8f731e0bf1bb12a7a37698ac613db20e2794"}, {"url": "https://git.kernel.org/stable/c/13ba563c2c8055ba8a637c9f70bb833b43cb4207"}, {"url": "https://git.kernel.org/stable/c/95e5fda3b5f9ed8239b145da3fa01e641cf5d53c"}], "title": "ptdma: pt_core_execute_cmd() should use spinlock", "x_generator": {"engine": "bippy-5f407fcff5a0"}}}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "21EEE3D1-0886-406D-BF6E-28331027E3AB", "versionEndExcluding": "5.15.91", "versionStartIncluding": "5.15", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "ED5B6045-B1D2-4E03-B194-9005A351BCAE", "versionEndExcluding": "6.1.9", "versionStartIncluding": "5.16", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc1:*:*:*:*:*:*", "matchCriteriaId": "FF501633-2F44-4913-A8EE-B021929F49F6", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc2:*:*:*:*:*:*", "matchCriteriaId": "2BDA597B-CAC1-4DF0-86F0-42E142C654E9", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc3:*:*:*:*:*:*", "matchCriteriaId": "725C78C9-12CE-406F-ABE8-0813A01D66E8", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.2:rc4:*:*:*:*:*:*", "matchCriteriaId": "A127C155-689C-4F67-B146-44A57F4BFD85", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nptdma: pt_core_execute_cmd() should use spinlock\n\nThe interrupt handler (pt_core_irq_handler()) of the ptdma\ndriver can be called from interrupt context. The code flow\nin this function can lead down to pt_core_execute_cmd() which\nwill attempt to grab a mutex, which is not appropriate in\ninterrupt context and ultimately leads to a kernel panic.\nThe fix here changes this mutex to a spinlock, which has\nbeen verified to resolve the issue."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: ptdma: pt_core_execute_cmd() deber\u00eda usar un bloqueo de giro. El manejador de interrupciones (pt_core_irq_handler()) del controlador ptdma puede llamarse desde el contexto de interrupci\u00f3n. El flujo de c\u00f3digo en esta funci\u00f3n puede derivar en pt_core_execute_cmd(), que intentar\u00e1 obtener un mutex, lo cual no es apropiado en el contexto de interrupci\u00f3n y, en \u00faltima instancia, provoca un p\u00e1nico del kernel. Esta correcci\u00f3n convierte este mutex en un bloqueo de giro, lo cual se ha verificado para resolver el problema."}], "id": "CVE-2023-53013", "lastModified": "2025-04-14T20:51:49.353", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-03-27T17:15:50.423", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/13ba563c2c8055ba8a637c9f70bb833b43cb4207"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/95e5fda3b5f9ed8239b145da3fa01e641cf5d53c"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "tags": ["Patch"], "url": "https://git.kernel.org/stable/c/ed0d8f731e0bf1bb12a7a37698ac613db20e2794"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-667"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "kernel: ptdma: pt_core_execute_cmd() should use spinlock", "id": "2355508", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2355508"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nptdma: pt_core_execute_cmd() should use spinlock\nThe interrupt handler (pt_core_irq_handler()) of the ptdma\ndriver can be called from interrupt context. The code flow\nin this function can lead down to pt_core_execute_cmd() which\nwill attempt to grab a mutex, which is not appropriate in\ninterrupt context and ultimately leads to a kernel panic.\nThe fix here changes this mutex to a spinlock, which has\nbeen verified to resolve the issue."], "name": "CVE-2023-53013", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-03-27T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-53013\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-53013\nhttps://lore.kernel.org/linux-cve-announce/2025032715-CVE-2023-53013-58dc@gregkh/T"], "threat_severity": "Low"}