CVE-2023-52901
- Source
- https://cve.org/CVERecord?id=CVE-2023-52901
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52901.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-52901
- Downstream
- Related
- Published
- 2024-08-21T06:10:41.640Z
- Modified
- 2026-03-20T12:32:52.447346Z
- Summary
- usb: xhci: Check endpoint is valid before dereferencing it
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
usb: xhci: Check endpoint is valid before dereferencing it
When the host controller is not responding, all URBs queued to all endpoints need to be killed. This can cause a kernel panic if we dereference an invalid endpoint.
Fix this by using xhcigetvirt_ep() helper to find the endpoint and checking if the endpoint is valid before dereferencing it.
[233311.853271] xhci-hcd xhci-hcd.1.auto: xHCI host controller not responding, assume dead [233311.853393] Unable to handle kernel NULL pointer dereference at virtual address 00000000000000e8
[233311.853964] pc : xhcihcdied+0x10c/0x270 [233311.853971] lr : xhcihcdied+0x1ac/0x270
[233311.854077] Call trace: [233311.854085] xhcihcdied+0x10c/0x270 [233311.854093] xhcistopendpointcommandwatchdog+0x100/0x1a4 [233311.854105] calltimerfn+0x50/0x2d4 [233311.854112] expiretimers+0xac/0x2e4 [233311.854118] runtimer_softirq+0x300/0xabc [233311.854127] __dosoftirq+0x148/0x528 [233311.854135] irqexit+0x194/0x1a8 [233311.854143] _handledomainirq+0x164/0x1d0 [233311.854149] gichandleirq.22273+0x10c/0x188 [233311.854156] el1irq+0xfc/0x1a8 [233311.854175] lpmcpuidleenter+0x25c/0x418 [msmpm] [233311.854185] cpuidleenterstate+0x1f0/0x764 [233311.854194] doidle+0x594/0x6ac [233311.854201] cpustartupentry+0x7c/0x80 [233311.854209] secondarystartkernel+0x170/0x198
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52901.json" }- References
-
- https://git.kernel.org/stable/c/08864dc14a6803f0377ca77b9740b26db30c020f
- https://git.kernel.org/stable/c/2d2820d5f375563690c96e60676855205abfb7f5
- https://git.kernel.org/stable/c/375be2dd61a072f7b1cac9b17eea59e07b58db3a
- https://git.kernel.org/stable/c/66fc1600855c05c4ba4e997184c91cf298e0405c
- https://git.kernel.org/stable/c/9891e5c73cab3fd9ed532dc50e9799e55e974766
- https://git.kernel.org/stable/c/e8fb5bc76eb86437ab87002d4a36d6da02165654
- https://git.kernel.org/stable/c/f39c813af0b64f44af94e435c07bfa1ddc2575f5
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52901.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-52901
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced50e8725e7c429701e530439013f9681e1fa36b5dFixed375be2dd61a072f7b1cac9b17eea59e07b58db3aFixed2d2820d5f375563690c96e60676855205abfb7f5Fixed9891e5c73cab3fd9ed532dc50e9799e55e974766Fixed66fc1600855c05c4ba4e997184c91cf298e0405cFixedf39c813af0b64f44af94e435c07bfa1ddc2575f5Fixed08864dc14a6803f0377ca77b9740b26db30c020fFixede8fb5bc76eb86437ab87002d4a36d6da02165654