CVE-2023-52985

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-52985

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52985.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2023-52985

Related

UBUNTU-CVE-2023-52985

Published

2025-03-27T17:15:45Z

Modified

2025-03-28T18:11:49Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

arm64: dts: imx8mm-verdin: Do not power down eth-phy

Currently if suspending using either freeze or memory state, the fec driver tries to power down the phy which leads to crash of the kernel and non-responsible kernel with the following call trace:

[ 24.839889 ] Call trace: [ 24.839892 ] phyerror+0x18/0x60 [ 24.839898 ] kszphyhandleinterrupt+0x6c/0x80 [ 24.839903 ] phyinterrupt+0x20/0x2c [ 24.839909 ] irqthreadfn+0x30/0xa0 [ 24.839919 ] irqthread+0x178/0x2c0 [ 24.839925 ] kthread+0x154/0x160 [ 24.839932 ] retfrom_fork+0x10/0x20

Since there is currently no functionality in the phy subsystem to power down phys let's just disable the feature of powering-down the ethernet phy.

References

Affected packages

Debian:12 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.1.11-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.1.11-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}