In the Linux kernel, the following vulnerability has been resolved:
media: rkisp1: Fix IRQ handling due to shared interrupts
The driver requests the interrupts as IRQF_SHARED, so the interrupt handlers can be called at any time. If such a call happens while the ISP is powered down, the SoC will hang as the driver tries to access the ISP registers.
This can be reproduced even without the platform sharing the IRQ line: Enable CONFIGDEBUGSHIRQ and unload the driver, and the board will hang.
Fix this by adding a new field, 'irqs_enabled', which is used to bail out from the interrupt handler when the ISP is not operational.
{ "vanir_signatures": [ { "signature_type": "Line", "deprecated": false, "signature_version": "v1", "target": { "file": "drivers/media/platform/rockchip/rkisp1/rkisp1-isp.c" }, "id": "CVE-2023-52660-001da15c", "digest": { "line_hashes": [ "133611800256430315447437744806203397535", "267921960813703843124084071922515912088", "290555137344012220558011547169814183938" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@edcf92bc66d8361c51dff953a55210e5cfd95587" }, { "signature_type": "Function", "deprecated": false, "signature_version": "v1", "target": { "file": "drivers/media/platform/rockchip/rkisp1/rkisp1-csi.c", "function": "rkisp1_csi_isr" }, "id": "CVE-2023-52660-05f076df", "digest": { "length": 771.0, "function_hash": "15215629942515829697341901655904780794" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@edcf92bc66d8361c51dff953a55210e5cfd95587" }, { "signature_type": "Function", "deprecated": false, "signature_version": "v1", "target": { "file": "drivers/media/platform/rockchip/rkisp1/rkisp1-capture.c", "function": "rkisp1_capture_isr" }, "id": "CVE-2023-52660-0b011482", "digest": { "length": 679.0, "function_hash": "48155488100694215367621273727214825113" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b39b4d207d4f236a74e20d291f6356f2231fd9ee" }, { "signature_type": "Function", "deprecated": false, "signature_version": "v1", "target": { "file": "drivers/media/platform/rockchip/rkisp1/rkisp1-isp.c", "function": "rkisp1_isp_isr" }, "id": "CVE-2023-52660-0c5d0313", "digest": { "length": 1173.0, "function_hash": "314819608854093481589609320160860023371" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b39b4d207d4f236a74e20d291f6356f2231fd9ee" }, { "signature_type": "Line", "deprecated": false, "signature_version": "v1", "target": { "file": "drivers/media/platform/rockchip/rkisp1/rkisp1-common.h" }, "id": "CVE-2023-52660-0f2f7f65", "digest": { "line_hashes": [ "127312376367949125420013244914976145709", "36742536868053483695950387042966635001", "257268174755239423654807011832228404417", "261532854525569684345131226156252970997", "79167098459803376279525688816993355745", "311890180759707602245841536962429162775", "239127151033569332419048269268132261698" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@edcf92bc66d8361c51dff953a55210e5cfd95587" }, { "signature_type": "Function", "deprecated": false, "signature_version": "v1", "target": { "file": "drivers/media/platform/rockchip/rkisp1/rkisp1-dev.c", "function": "rkisp1_runtime_resume" }, "id": "CVE-2023-52660-2734f47b", "digest": { "length": 227.0, "function_hash": "185602397758602390209331286796005919028" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b39b4d207d4f236a74e20d291f6356f2231fd9ee" }, { "signature_type": "Line", "deprecated": false, "signature_version": "v1", "target": { "file": "drivers/media/platform/rockchip/rkisp1/rkisp1-isp.c" }, "id": "CVE-2023-52660-39144ffe", "digest": { "line_hashes": [ "133611800256430315447437744806203397535", "267921960813703843124084071922515912088", "290555137344012220558011547169814183938" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b39b4d207d4f236a74e20d291f6356f2231fd9ee" }, { "signature_type": "Function", "deprecated": false, "signature_version": "v1", "target": { "file": "drivers/media/platform/rockchip/rkisp1/rkisp1-dev.c", "function": "rkisp1_runtime_suspend" }, "id": "CVE-2023-52660-3961018e", "digest": { "length": 151.0, "function_hash": "79904824122309032844113035628315833703" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@abd34206f396d3ae50cddbd5aa840b8cd7f68c63" }, { "signature_type": "Line", "deprecated": false, "signature_version": "v1", "target": { "file": "drivers/media/platform/rockchip/rkisp1/rkisp1-csi.c" }, "id": "CVE-2023-52660-3aa624d6", "digest": { "line_hashes": [ "337488991821860435550081136507890900920", "130170312571648578351441677214474934938", "181741488173609226037326393877965138158" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@abd34206f396d3ae50cddbd5aa840b8cd7f68c63" }, { "signature_type": "Line", "deprecated": false, "signature_version": "v1", "target": { "file": "drivers/media/platform/rockchip/rkisp1/rkisp1-common.h" }, "id": "CVE-2023-52660-4e439ddd", "digest": { "line_hashes": [ "127312376367949125420013244914976145709", "36742536868053483695950387042966635001", "257268174755239423654807011832228404417", "261532854525569684345131226156252970997", "79167098459803376279525688816993355745", "311890180759707602245841536962429162775", "239127151033569332419048269268132261698" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b39b4d207d4f236a74e20d291f6356f2231fd9ee" }, { "signature_type": "Line", "deprecated": false, "signature_version": "v1", "target": { "file": "drivers/media/platform/rockchip/rkisp1/rkisp1-capture.c" }, "id": "CVE-2023-52660-56d5b76c", "digest": { "line_hashes": [ "235807937374590422931607464312451398696", "213376781556015494030574616102266066598", "110994092715725050953986585674584907603" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b39b4d207d4f236a74e20d291f6356f2231fd9ee" }, { "signature_type": "Function", "deprecated": false, "signature_version": "v1", "target": { "file": "drivers/media/platform/rockchip/rkisp1/rkisp1-csi.c", "function": "rkisp1_csi_isr" }, "id": "CVE-2023-52660-5e781269", "digest": { "length": 771.0, "function_hash": "15215629942515829697341901655904780794" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b39b4d207d4f236a74e20d291f6356f2231fd9ee" }, { "signature_type": "Line", "deprecated": false, "signature_version": "v1", "target": { "file": "drivers/media/platform/rockchip/rkisp1/rkisp1-common.h" }, "id": "CVE-2023-52660-6417adf6", "digest": { "line_hashes": [ "127312376367949125420013244914976145709", "36742536868053483695950387042966635001", "257268174755239423654807011832228404417", "261532854525569684345131226156252970997", "79167098459803376279525688816993355745", "311890180759707602245841536962429162775", "239127151033569332419048269268132261698" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@abd34206f396d3ae50cddbd5aa840b8cd7f68c63" }, { "signature_type": "Line", "deprecated": false, "signature_version": "v1", "target": { "file": "drivers/media/platform/rockchip/rkisp1/rkisp1-dev.c" }, "id": "CVE-2023-52660-6554d64a", "digest": { "line_hashes": [ "182196174695956801528449076124882313613", "54816876275437385225491609905136125187", "139893131014866551064274294587509277745", "19751498261090266361552195785857875322", "336400901821628962756340672797677567198", "19928506972039155947912818933510428252" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@edcf92bc66d8361c51dff953a55210e5cfd95587" }, { "signature_type": "Line", "deprecated": false, "signature_version": "v1", "target": { "file": "drivers/media/platform/rockchip/rkisp1/rkisp1-dev.c" }, "id": "CVE-2023-52660-8ae56f27", "digest": { "line_hashes": [ "182196174695956801528449076124882313613", "54816876275437385225491609905136125187", "139893131014866551064274294587509277745", "19751498261090266361552195785857875322", "336400901821628962756340672797677567198", "19928506972039155947912818933510428252" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@abd34206f396d3ae50cddbd5aa840b8cd7f68c63" }, { "signature_type": "Line", "deprecated": false, "signature_version": "v1", "target": { "file": "drivers/media/platform/rockchip/rkisp1/rkisp1-csi.c" }, "id": "CVE-2023-52660-90178bb4", "digest": { "line_hashes": [ "337488991821860435550081136507890900920", "130170312571648578351441677214474934938", "181741488173609226037326393877965138158" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@edcf92bc66d8361c51dff953a55210e5cfd95587" }, { "signature_type": "Function", "deprecated": false, "signature_version": "v1", "target": { "file": "drivers/media/platform/rockchip/rkisp1/rkisp1-isp.c", "function": "rkisp1_isp_isr" }, "id": "CVE-2023-52660-a16d1f7e", "digest": { "length": 1173.0, "function_hash": "314819608854093481589609320160860023371" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@abd34206f396d3ae50cddbd5aa840b8cd7f68c63" }, { "signature_type": "Function", "deprecated": false, "signature_version": "v1", "target": { "file": "drivers/media/platform/rockchip/rkisp1/rkisp1-dev.c", "function": "rkisp1_runtime_suspend" }, "id": "CVE-2023-52660-a190c216", "digest": { "length": 151.0, "function_hash": "79904824122309032844113035628315833703" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b39b4d207d4f236a74e20d291f6356f2231fd9ee" }, { "signature_type": "Line", "deprecated": false, "signature_version": "v1", "target": { "file": "drivers/media/platform/rockchip/rkisp1/rkisp1-dev.c" }, "id": "CVE-2023-52660-ad70fe21", "digest": { "line_hashes": [ "182196174695956801528449076124882313613", "54816876275437385225491609905136125187", "139893131014866551064274294587509277745", "19751498261090266361552195785857875322", "336400901821628962756340672797677567198", "19928506972039155947912818933510428252" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b39b4d207d4f236a74e20d291f6356f2231fd9ee" }, { "signature_type": "Function", "deprecated": false, "signature_version": "v1", "target": { "file": "drivers/media/platform/rockchip/rkisp1/rkisp1-csi.c", "function": "rkisp1_csi_isr" }, "id": "CVE-2023-52660-b831a920", "digest": { "length": 771.0, "function_hash": "15215629942515829697341901655904780794" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@abd34206f396d3ae50cddbd5aa840b8cd7f68c63" }, { "signature_type": "Function", "deprecated": false, "signature_version": "v1", "target": { "file": "drivers/media/platform/rockchip/rkisp1/rkisp1-dev.c", "function": "rkisp1_runtime_resume" }, "id": "CVE-2023-52660-be289e0d", "digest": { "length": 227.0, "function_hash": "185602397758602390209331286796005919028" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@edcf92bc66d8361c51dff953a55210e5cfd95587" }, { "signature_type": "Function", "deprecated": false, "signature_version": "v1", "target": { "file": "drivers/media/platform/rockchip/rkisp1/rkisp1-dev.c", "function": "rkisp1_runtime_resume" }, "id": "CVE-2023-52660-d3883bb0", "digest": { "length": 227.0, "function_hash": "185602397758602390209331286796005919028" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@abd34206f396d3ae50cddbd5aa840b8cd7f68c63" }, { "signature_type": "Line", "deprecated": false, "signature_version": "v1", "target": { "file": "drivers/media/platform/rockchip/rkisp1/rkisp1-isp.c" }, "id": "CVE-2023-52660-d5f07277", "digest": { "line_hashes": [ "133611800256430315447437744806203397535", "267921960813703843124084071922515912088", "290555137344012220558011547169814183938" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@abd34206f396d3ae50cddbd5aa840b8cd7f68c63" }, { "signature_type": "Function", "deprecated": false, "signature_version": "v1", "target": { "file": "drivers/media/platform/rockchip/rkisp1/rkisp1-isp.c", "function": "rkisp1_isp_isr" }, "id": "CVE-2023-52660-d7feb111", "digest": { "length": 1173.0, "function_hash": "314819608854093481589609320160860023371" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@edcf92bc66d8361c51dff953a55210e5cfd95587" }, { "signature_type": "Function", "deprecated": false, "signature_version": "v1", "target": { "file": "drivers/media/platform/rockchip/rkisp1/rkisp1-capture.c", "function": "rkisp1_capture_isr" }, "id": "CVE-2023-52660-e80582cc", "digest": { "length": 679.0, "function_hash": "48155488100694215367621273727214825113" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@edcf92bc66d8361c51dff953a55210e5cfd95587" }, { "signature_type": "Line", "deprecated": false, "signature_version": "v1", "target": { "file": "drivers/media/platform/rockchip/rkisp1/rkisp1-csi.c" }, "id": "CVE-2023-52660-ef1c9020", "digest": { "line_hashes": [ "337488991821860435550081136507890900920", "130170312571648578351441677214474934938", "181741488173609226037326393877965138158" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b39b4d207d4f236a74e20d291f6356f2231fd9ee" }, { "signature_type": "Function", "deprecated": false, "signature_version": "v1", "target": { "file": "drivers/media/platform/rockchip/rkisp1/rkisp1-capture.c", "function": "rkisp1_capture_isr" }, "id": "CVE-2023-52660-f342926d", "digest": { "length": 679.0, "function_hash": "48155488100694215367621273727214825113" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@abd34206f396d3ae50cddbd5aa840b8cd7f68c63" }, { "signature_type": "Line", "deprecated": false, "signature_version": "v1", "target": { "file": "drivers/media/platform/rockchip/rkisp1/rkisp1-capture.c" }, "id": "CVE-2023-52660-f7e3023e", "digest": { "line_hashes": [ "235807937374590422931607464312451398696", "213376781556015494030574616102266066598", "110994092715725050953986585674584907603" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@edcf92bc66d8361c51dff953a55210e5cfd95587" }, { "signature_type": "Line", "deprecated": false, "signature_version": "v1", "target": { "file": "drivers/media/platform/rockchip/rkisp1/rkisp1-capture.c" }, "id": "CVE-2023-52660-fc668177", "digest": { "line_hashes": [ "235807937374590422931607464312451398696", "213376781556015494030574616102266066598", "110994092715725050953986585674584907603" ], "threshold": 0.9 }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@abd34206f396d3ae50cddbd5aa840b8cd7f68c63" }, { "signature_type": "Function", "deprecated": false, "signature_version": "v1", "target": { "file": "drivers/media/platform/rockchip/rkisp1/rkisp1-dev.c", "function": "rkisp1_runtime_suspend" }, "id": "CVE-2023-52660-fd599e45", "digest": { "length": 151.0, "function_hash": "79904824122309032844113035628315833703" }, "source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@edcf92bc66d8361c51dff953a55210e5cfd95587" } ] }