{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-52511", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-02-20T12:30:33.315Z", "datePublished": "2024-03-02T21:52:23.277Z", "dateUpdated": "2024-11-06T19:06:54.626Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-04T14:48:18.205Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: sun6i: reduce DMA RX transfer width to single byte\n\nThrough empirical testing it has been determined that sometimes RX SPI\ntransfers with DMA enabled return corrupted data. This is down to single\nor even multiple bytes lost during DMA transfer from SPI peripheral to\nmemory. It seems the RX FIFO within the SPI peripheral can become\nconfused when performing bus read accesses wider than a single byte to it\nduring an active SPI transfer.\n\nThis patch reduces the width of individual DMA read accesses to the\nRX FIFO to a single byte to mitigate that issue."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/spi/spi-sun6i.c"], "versions": [{"version": "1da177e4c3f4", "lessThan": "ff05ed4ae214", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "e15bb292b246", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "b3c21c9c7289", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f4", "lessThan": "171f8a49f212", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/spi/spi-sun6i.c"], "versions": [{"version": "5.15.134", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.56", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.5.6", "lessThanOrEqual": "6.5.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "references": [{"url": "https://git.kernel.org/stable/c/ff05ed4ae214011464a0156f05cac1b0b46b5fbc"}, {"url": "https://git.kernel.org/stable/c/e15bb292b24630ee832bfc7fd616bd72c7682bbb"}, {"url": "https://git.kernel.org/stable/c/b3c21c9c7289692f4019f163c3b06d8bdf78b355"}, {"url": "https://git.kernel.org/stable/c/171f8a49f212e87a8b04087568e1b3d132e36a18"}], "title": "spi: sun6i: reduce DMA RX transfer width to single byte", "x_generator": {"engine": "bippy-9e1c9544281a"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-noinfo Not enough information"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-03-05T15:54:01.998039Z", "id": "CVE-2023-52511", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-11-06T19:06:54.626Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:03:20.530Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/ff05ed4ae214011464a0156f05cac1b0b46b5fbc", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e15bb292b24630ee832bfc7fd616bd72c7682bbb", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b3c21c9c7289692f4019f163c3b06d8bdf78b355", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/171f8a49f212e87a8b04087568e1b3d132e36a18", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/ff05ed4ae214011464a0156f05cac1b0b46b5fbc", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e15bb292b24630ee832bfc7fd616bd72c7682bbb", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b3c21c9c7289692f4019f163c3b06d8bdf78b355", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/171f8a49f212e87a8b04087568e1b3d132e36a18", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:03:20.530Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2023-52511", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-05T15:54:01.998039Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "description": "CWE-noinfo Not enough information"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T19:01:15.075Z"}}], "cna": {"title": "spi: sun6i: reduce DMA RX transfer width to single byte", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "1da177e4c3f4", "lessThan": "ff05ed4ae214", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "e15bb292b246", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "b3c21c9c7289", "versionType": "git"}, {"status": "affected", "version": "1da177e4c3f4", "lessThan": "171f8a49f212", "versionType": "git"}], "programFiles": ["drivers/spi/spi-sun6i.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "unaffected", "version": "5.15.134", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.56", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.5.6", "versionType": "semver", "lessThanOrEqual": "6.5.*"}, {"status": "unaffected", "version": "6.6", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/spi/spi-sun6i.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/ff05ed4ae214011464a0156f05cac1b0b46b5fbc"}, {"url": "https://git.kernel.org/stable/c/e15bb292b24630ee832bfc7fd616bd72c7682bbb"}, {"url": "https://git.kernel.org/stable/c/b3c21c9c7289692f4019f163c3b06d8bdf78b355"}, {"url": "https://git.kernel.org/stable/c/171f8a49f212e87a8b04087568e1b3d132e36a18"}], "x_generator": {"engine": "bippy-9e1c9544281a"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: sun6i: reduce DMA RX transfer width to single byte\n\nThrough empirical testing it has been determined that sometimes RX SPI\ntransfers with DMA enabled return corrupted data. This is down to single\nor even multiple bytes lost during DMA transfer from SPI peripheral to\nmemory. It seems the RX FIFO within the SPI peripheral can become\nconfused when performing bus read accesses wider than a single byte to it\nduring an active SPI transfer.\n\nThis patch reduces the width of individual DMA read accesses to the\nRX FIFO to a single byte to mitigate that issue."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-11-04T14:48:18.205Z"}}}, "cveMetadata": {"cveId": "CVE-2023-52511", "state": "PUBLISHED", "dateUpdated": "2024-11-06T19:06:54.626Z", "dateReserved": "2024-02-20T12:30:33.315Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-03-02T21:52:23.277Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: sun6i: reduce DMA RX transfer width to single byte\n\nThrough empirical testing it has been determined that sometimes RX SPI\ntransfers with DMA enabled return corrupted data. This is down to single\nor even multiple bytes lost during DMA transfer from SPI peripheral to\nmemory. It seems the RX FIFO within the SPI peripheral can become\nconfused when performing bus read accesses wider than a single byte to it\nduring an active SPI transfer.\n\nThis patch reduces the width of individual DMA read accesses to the\nRX FIFO to a single byte to mitigate that issue."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: spi: sun6i: reduce el ancho de transferencia DMA RX a un solo byte. Mediante pruebas emp\u00edricas se ha determinado que a veces las transferencias RX SPI con DMA habilitado devuelven datos corruptos. Esto se debe a la p\u00e9rdida de uno o incluso varios bytes durante la transferencia DMA desde el perif\u00e9rico SPI a la memoria. Parece que el RX FIFO dentro del perif\u00e9rico SPI puede confundirse cuando se realizan accesos de lectura al bus de m\u00e1s de un byte durante una transferencia SPI activa. Este parche reduce el ancho de los accesos de lectura de DMA individuales al RX FIFO a un solo byte para mitigar ese problema."}], "id": "CVE-2023-52511", "lastModified": "2024-11-06T19:35:04.233", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-03-02T22:15:47.640", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/171f8a49f212e87a8b04087568e1b3d132e36a18"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/b3c21c9c7289692f4019f163c3b06d8bdf78b355"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/e15bb292b24630ee832bfc7fd616bd72c7682bbb"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ff05ed4ae214011464a0156f05cac1b0b46b5fbc"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: spi: sun6i: reduce DMA RX transfer width to single byte", "id": "2267772", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267772"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H", "status": "draft"}, "cwe": "CWE-20", "details": ["In the Linux kernel, the following vulnerability has been resolved:\nspi: sun6i: reduce DMA RX transfer width to single byte\nThrough empirical testing it has been determined that sometimes RX SPI\ntransfers with DMA enabled return corrupted data. This is down to single\nor even multiple bytes lost during DMA transfer from SPI peripheral to\nmemory. It seems the RX FIFO within the SPI peripheral can become\nconfused when performing bus read accesses wider than a single byte to it\nduring an active SPI transfer.\nThis patch reduces the width of individual DMA read accesses to the\nRX FIFO to a single byte to mitigate that issue."], "name": "CVE-2023-52511", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-03-02T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-52511\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-52511\nhttps://lore.kernel.org/linux-cve-announce/2024030250-CVE-2023-52511-1dbc@gregkh/T/#u"], "threat_severity": "Low", "upstream_fix": "kernel 5.15.134, kernel 6.1.56, kernel 6.5.6, kernel 6.6"}