Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change While PLL CPUX clock rate change when CPU is running from it works in vast majority of cases, now and then it causes instability. This leads to system crashes and other undefined behaviour. After a lot of testing (30+ hours) while also doing a lot of frequency switches, we can't observe any instability issues anymore when doing reparenting to stable clock like 24 MHz oscillator.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | >= 4.17, < 5.4.276 |
| Debian | Debian Linux | 10.0 |
References
- https://git.kernel.org/stable/c/0b82eb134d2942ecc669e2ab2be3f0a58d79428aPatch
- https://git.kernel.org/stable/c/70f64cb29014e4c4f1fabd3265feebd80590d069Patch
- https://git.kernel.org/stable/c/7e91ed763dc07437777bd012af7a2bd4493731ffPatch
- https://git.kernel.org/stable/c/9708e5081cfc4f085690294163389bcf82655f90Patch
- https://git.kernel.org/stable/c/bfc78b4628497eb6df09a6b5bba9dd31616ee175Patch
- https://git.kernel.org/stable/c/f1fa9a9816204ac4b118b2e613d3a7c981355019Patch
- https://git.kernel.org/stable/c/fe11826ffa200e1a7a826e745163cb2f47875f66Patch
- https://git.kernel.org/stable/c/0b82eb134d2942ecc669e2ab2be3f0a58d79428aPatch
- https://git.kernel.org/stable/c/70f64cb29014e4c4f1fabd3265feebd80590d069Patch
- https://git.kernel.org/stable/c/7e91ed763dc07437777bd012af7a2bd4493731ffPatch
- https://git.kernel.org/stable/c/9708e5081cfc4f085690294163389bcf82655f90Patch
- https://git.kernel.org/stable/c/bfc78b4628497eb6df09a6b5bba9dd31616ee175Patch
- https://git.kernel.org/stable/c/f1fa9a9816204ac4b118b2e613d3a7c981355019Patch
- https://git.kernel.org/stable/c/fe11826ffa200e1a7a826e745163cb2f47875f66Patch
- https://lists.debian.org/debian-lts-announce/2024/06/msg00019.htmlThird Party Advisory
FAQ
What is CVE-2023-52882?
CVE-2023-52882 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change While PLL CPUX clock rate change when CPU is running from it works in...
How severe is CVE-2023-52882?
CVE-2023-52882 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-52882?
Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel, Debian Debian Linux.