CVE-2023-53287
- Source
- https://cve.org/CVERecord?id=CVE-2023-53287
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53287.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-53287
- Downstream
- Related
- Published
- 2025-09-16T08:11:20.304Z
- Modified
- 2026-03-20T12:33:04.737100Z
- Severity
-
- 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- usb: cdns3: Put the cdns set active part outside the spin lock
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
usb: cdns3: Put the cdns set active part outside the spin lock
The device may be scheduled during the resume process, so this cannot appear in atomic operations. Since pmruntimeset_active will resume suppliers, put set active outside the spin lock, which is only used to protect the struct cdns data structure, otherwise the kernel will report the following warning:
BUG: sleeping function called from invalid context at drivers/base/power/runtime.c:1163 inatomic(): 1, irqsdisabled(): 0, nonblock: 0, pid: 651, name: sh preemptcount: 1, expected: 0 RCU nest depth: 0, expected: 0 CPU: 0 PID: 651 Comm: sh Tainted: G WC 6.1.20 #1 Hardware name: Freescale i.MX8QM MEK (DT) Call trace: dumpbacktrace.part.0+0xe0/0xf0 showstack+0x18/0x30 dumpstacklvl+0x64/0x80 dump_stack+0x1c/0x38 __might_resched+0x1fc/0x240 __might_sleep+0x68/0xc0 __pmruntimeresume+0x9c/0xe0 rpmgetsuppliers+0x68/0x1b0 __pmruntimesetstatus+0x298/0x560 cdnsresume+0xb0/0x1c0 cdns3controllerresume.isra.0+0x1e0/0x250 cdns3platresume+0x28/0x40
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53287.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/2319b9c87fe243327285f2fefd7374ffd75a65fc
- https://git.kernel.org/stable/c/bbc9c3652708108738009e096d608ece3cd9fa8a
- https://git.kernel.org/stable/c/c861a61be6d30538ebcf7fcab1d43f244e298840
- https://git.kernel.org/stable/c/d3f372ec95b89776f72d5c9a475424e27734c223
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53287.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-53287
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced7733f6c32e36ff9d7adadf40001039bf219b1cbeFixedc861a61be6d30538ebcf7fcab1d43f244e298840Fixedbbc9c3652708108738009e096d608ece3cd9fa8aFixedd3f372ec95b89776f72d5c9a475424e27734c223Fixed2319b9c87fe243327285f2fefd7374ffd75a65fc