CVE-2023-52884

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2023-52884
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52884.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-52884
Downstream
Related
Published
2024-06-21T10:18:03.669Z
Modified
2025-11-28T02:34:29.341369Z
Severity
  • 4.4 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
Input: cyapa - add missing input core locking to suspend/resume functions
Details

In the Linux kernel, the following vulnerability has been resolved:

Input: cyapa - add missing input core locking to suspend/resume functions

Grab input->mutex during suspend/resume functions like it is done in other input drivers. This fixes the following warning during system suspend/resume cycle on Samsung Exynos5250-based Snow Chromebook:

------------[ cut here ]------------ WARNING: CPU: 1 PID: 1680 at drivers/input/input.c:2291 inputdeviceenabled+0x68/0x6c Modules linked in: ... CPU: 1 PID: 1680 Comm: kworker/u4:12 Tainted: G W 6.6.0-rc5-next-20231009 #14109 Hardware name: Samsung Exynos (Flattened Device Tree) Workqueue: eventsunbound asyncrunentryfn unwindbacktrace from showstack+0x10/0x14 showstack from dumpstacklvl+0x58/0x70 dumpstacklvl from _warn+0x1a8/0x1cc _warn from warnslowpathfmt+0x18c/0x1b4 warnslowpathfmt from inputdeviceenabled+0x68/0x6c inputdeviceenabled from cyapagen3setpowermode+0x13c/0x1dc cyapagen3setpowermode from cyapareinitialize+0x10c/0x15c cyapareinitialize from cyaparesume+0x48/0x98 cyaparesume from dpmruncallback+0x90/0x298 dpmruncallback from deviceresume+0xb4/0x258 deviceresume from asyncresume+0x20/0x64 asyncresume from asyncrunentryfn+0x40/0x15c asyncrunentryfn from processscheduledworks+0xbc/0x6a8 processscheduledworks from workerthread+0x188/0x454 workerthread from kthread+0x108/0x140 kthread from retfromfork+0x14/0x28 Exception stack(0xf1625fb0 to 0xf1625ff8) ... ---[ end trace 0000000000000000 ]--- ... ------------[ cut here ]------------ WARNING: CPU: 1 PID: 1680 at drivers/input/input.c:2291 inputdeviceenabled+0x68/0x6c Modules linked in: ... CPU: 1 PID: 1680 Comm: kworker/u4:12 Tainted: G W 6.6.0-rc5-next-20231009 #14109 Hardware name: Samsung Exynos (Flattened Device Tree) Workqueue: eventsunbound asyncrunentryfn unwindbacktrace from showstack+0x10/0x14 showstack from dumpstacklvl+0x58/0x70 dumpstacklvl from _warn+0x1a8/0x1cc _warn from warnslowpathfmt+0x18c/0x1b4 warnslowpathfmt from inputdeviceenabled+0x68/0x6c inputdeviceenabled from cyapagen3setpowermode+0x13c/0x1dc cyapagen3setpowermode from cyapareinitialize+0x10c/0x15c cyapareinitialize from cyaparesume+0x48/0x98 cyaparesume from dpmruncallback+0x90/0x298 dpmruncallback from deviceresume+0xb4/0x258 deviceresume from asyncresume+0x20/0x64 asyncresume from asyncrunentryfn+0x40/0x15c asyncrunentryfn from processscheduledworks+0xbc/0x6a8 processscheduledworks from workerthread+0x188/0x454 workerthread from kthread+0x108/0x140 kthread from retfromfork+0x14/0x28 Exception stack(0xf1625fb0 to 0xf1625ff8) ... ---[ end trace 0000000000000000 ]---

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52884.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
d69f0a43c677e8afc67a222e1e7b51b9acc69cd3
Fixed
f99809fdeb50d65bcbc1661ef391af94eebb8a75
Fixed
9400caf566f65c703e99d95f87b00c4b445627a7
Fixed
a4c638ab25786bd5aab5978fe51b2b9be16a4ebd
Fixed
a5fc298fa8f67cf1f0e1fc126eab70578cd40adc
Fixed
7b4e0b39182cf5e677c1fc092a3ec40e621c25b6

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.161
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.93
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.33
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.9.4