CVE-2023-52645 — MEDIUM (4.7)

Q: How severe is CVE-2023-52645?

CVE-2023-52645 has been rated MEDIUM with a CVSS base score of 4.7/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2023-52645?

Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.

Vulnerability Description

In the Linux kernel, the following vulnerability has been resolved: pmdomain: mediatek: fix race conditions with genpd If the power domains are registered first with genpd and *after that* the driver attempts to power them on in the probe sequence, then it is possible that a race condition occurs if genpd tries to power them on in the same time. The same is valid for powering them off before unregistering them from genpd. Attempt to fix race conditions by first removing the domains from genpd and *after that* powering down domains. Also first power up the domains and *after that* register them to genpd.

CVSS Score

4.7

MEDIUM

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Linux	Linux Kernel	>= 5.11, < 5.15.150

Related Weaknesses (CWE)

CWE-362

References

FAQ

What is CVE-2023-52645?

CVE-2023-52645 is a vulnerability with a CVSS score of 4.7 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: pmdomain: mediatek: fix race conditions with genpd If the power domains are registered first with genpd and *after that* the drive...

How severe is CVE-2023-52645?

CVE-2023-52645 has been rated MEDIUM with a CVSS base score of 4.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2023-52645?

Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.