CVE-2023-52853

Previously the cp2112 driver called INITDELAYEDWORK within cp2112gpioirqstartup, resulting in duplicate initilizations of the workqueue on subsequent IRQ startups following an initial request. This resulted in a warning in setworkdata in workqueue.c, as well as a rare NULL dereference within processone_work in workqueue.c.

Initialize the workqueue within _probe instead.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52853.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

13de9cca514ed63604263cad87ca8cb36e9b6489

Fixed

df0daac2709473531d6a3472997cc65301ac06d6

Fixed

727203e6e7e7020e1246fc1628cbdb8d90177819

Fixed

3d959406c8fff2334d83d0c352d54fd6f5b2e7cd

Fixed

012d0c66f9392a99232ac28217229f32dd3a70cf

Fixed

bafb12b629b7c3ad59812dd1ac1b0618062e0e38

Fixed

fb5718bc67337dde1528661f419ffcf275757592

Fixed

eb1121fac7986b30915ba20c5a04cc01fdcf160c

Fixed

e3c2d2d144c082dd71596953193adf9891491f42

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52853.json"

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

4.10.0

Fixed

4.19.299

Type: ECOSYSTEM
Events: Introduced

4.20.0

Fixed

5.4.261

Type: ECOSYSTEM
Events: Introduced

5.5.0

Fixed

5.10.201

Type: ECOSYSTEM
Events: Introduced

5.11.0

Fixed

5.15.139

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.1.63

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.5.12

Type: ECOSYSTEM
Events: Introduced

6.6.0

Fixed

6.6.2

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52853.json"