CVE-2023-52660 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: media: rkisp1: Fix IRQ handling due to shared interrupts The driver requests the interrupts as IRQF_SHARED, so the interrupt handlers can be called at any time. If such a call happens while the ISP is powered down, the SoC will hang as the driver tries to access the ISP registers. This can be reproduced even without the platform sharing the IRQ line: Enable CONFIG_DEBUG_SHIRQ and unload the driver, and the board will hang. Fix this by adding a new field, 'irqs_enabled', which is used to bail out from the interrupt handler when the ISP is not operational.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00039.

Exploitation none

Automatable no

Technical Impact partial

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/abd34206f396d3ae50cddbd5aa840b8cd7f68c63
https://git.kernel.org/stable/c/b39b4d207d4f236a74e20d291f6356f2231fd9ee
https://git.kernel.org/stable/c/edcf92bc66d8361c51dff953a55210e5cfd95587
https://git.kernel.org/stable/c/ffb635bb398fc07cb38f8a7b4a82cbe5f412f08e
https://lore.kernel.org/linux-cve-announce/2024051755-CVE-2023-52660-6eac@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2023-52660
https://www.cve.org/CVERecord?id=CVE-2023-52660

History

Mon, 04 Nov 2024 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-05-17T12:08:39.897Z

Updated: 2025-05-04T07:41:04.176Z

Reserved: 2024-03-07T14:49:46.884Z

Link: CVE-2023-52660

Vulnrichment

Updated: 2024-08-02T23:03:21.359Z

NVD

Status : Awaiting Analysis

Published: 2024-05-17T13:15:57.770

Modified: 2024-11-21T08:40:18.393

Link: CVE-2023-52660

Redhat

Severity : Moderate

Publid Date: 2024-05-17T00:00:00Z

Links: CVE-2023-52660 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-52660", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-03-07T14:49:46.884Z", "datePublished": "2024-05-17T12:08:39.897Z", "dateUpdated": "2025-05-04T07:41:04.176Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T07:41:04.176Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: rkisp1: Fix IRQ handling due to shared interrupts\n\nThe driver requests the interrupts as IRQF_SHARED, so the interrupt\nhandlers can be called at any time. If such a call happens while the ISP\nis powered down, the SoC will hang as the driver tries to access the\nISP registers.\n\nThis can be reproduced even without the platform sharing the IRQ line:\nEnable CONFIG_DEBUG_SHIRQ and unload the driver, and the board will\nhang.\n\nFix this by adding a new field, 'irqs_enabled', which is used to bail\nout from the interrupt handler when the ISP is not operational."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/media/platform/rockchip/rkisp1/rkisp1-capture.c", "drivers/media/platform/rockchip/rkisp1/rkisp1-common.h", "drivers/media/platform/rockchip/rkisp1/rkisp1-csi.c", "drivers/media/platform/rockchip/rkisp1/rkisp1-dev.c", "drivers/media/platform/rockchip/rkisp1/rkisp1-isp.c"], "versions": [{"version": "25cb42af9ffabffec499e9e69e2fd3797774ce5b", "lessThan": "abd34206f396d3ae50cddbd5aa840b8cd7f68c63", "status": "affected", "versionType": "git"}, {"version": "25cb42af9ffabffec499e9e69e2fd3797774ce5b", "lessThan": "b39b4d207d4f236a74e20d291f6356f2231fd9ee", "status": "affected", "versionType": "git"}, {"version": "25cb42af9ffabffec499e9e69e2fd3797774ce5b", "lessThan": "edcf92bc66d8361c51dff953a55210e5cfd95587", "status": "affected", "versionType": "git"}, {"version": "25cb42af9ffabffec499e9e69e2fd3797774ce5b", "lessThan": "ffb635bb398fc07cb38f8a7b4a82cbe5f412f08e", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/media/platform/rockchip/rkisp1/rkisp1-capture.c", "drivers/media/platform/rockchip/rkisp1/rkisp1-common.h", "drivers/media/platform/rockchip/rkisp1/rkisp1-csi.c", "drivers/media/platform/rockchip/rkisp1/rkisp1-dev.c", "drivers/media/platform/rockchip/rkisp1/rkisp1-isp.c"], "versions": [{"version": "5.6", "status": "affected"}, {"version": "0", "lessThan": "5.6", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.83", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.23", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.7.11", "lessThanOrEqual": "6.7.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.6", "versionEndExcluding": "6.1.83"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.6", "versionEndExcluding": "6.6.23"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.6", "versionEndExcluding": "6.7.11"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.6", "versionEndExcluding": "6.8"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/abd34206f396d3ae50cddbd5aa840b8cd7f68c63"}, {"url": "https://git.kernel.org/stable/c/b39b4d207d4f236a74e20d291f6356f2231fd9ee"}, {"url": "https://git.kernel.org/stable/c/edcf92bc66d8361c51dff953a55210e5cfd95587"}, {"url": "https://git.kernel.org/stable/c/ffb635bb398fc07cb38f8a7b4a82cbe5f412f08e"}], "title": "media: rkisp1: Fix IRQ handling due to shared interrupts", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-06-17T17:39:29.830848Z", "id": "CVE-2023-52660", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-17T17:43:38.030Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:03:21.359Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/abd34206f396d3ae50cddbd5aa840b8cd7f68c63", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b39b4d207d4f236a74e20d291f6356f2231fd9ee", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/edcf92bc66d8361c51dff953a55210e5cfd95587", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ffb635bb398fc07cb38f8a7b4a82cbe5f412f08e", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/abd34206f396d3ae50cddbd5aa840b8cd7f68c63", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b39b4d207d4f236a74e20d291f6356f2231fd9ee", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/edcf92bc66d8361c51dff953a55210e5cfd95587", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/ffb635bb398fc07cb38f8a7b4a82cbe5f412f08e", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:03:21.359Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52660", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-06-17T17:39:29.830848Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-17T17:39:31.046Z"}}], "cna": {"title": "media: rkisp1: Fix IRQ handling due to shared interrupts", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "25cb42af9ffabffec499e9e69e2fd3797774ce5b", "lessThan": "abd34206f396d3ae50cddbd5aa840b8cd7f68c63", "versionType": "git"}, {"status": "affected", "version": "25cb42af9ffabffec499e9e69e2fd3797774ce5b", "lessThan": "b39b4d207d4f236a74e20d291f6356f2231fd9ee", "versionType": "git"}, {"status": "affected", "version": "25cb42af9ffabffec499e9e69e2fd3797774ce5b", "lessThan": "edcf92bc66d8361c51dff953a55210e5cfd95587", "versionType": "git"}, {"status": "affected", "version": "25cb42af9ffabffec499e9e69e2fd3797774ce5b", "lessThan": "ffb635bb398fc07cb38f8a7b4a82cbe5f412f08e", "versionType": "git"}], "programFiles": ["drivers/media/platform/rockchip/rkisp1/rkisp1-capture.c", "drivers/media/platform/rockchip/rkisp1/rkisp1-common.h", "drivers/media/platform/rockchip/rkisp1/rkisp1-csi.c", "drivers/media/platform/rockchip/rkisp1/rkisp1-dev.c", "drivers/media/platform/rockchip/rkisp1/rkisp1-isp.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.6"}, {"status": "unaffected", "version": "0", "lessThan": "5.6", "versionType": "semver"}, {"status": "unaffected", "version": "6.1.83", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.23", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.7.11", "versionType": "semver", "lessThanOrEqual": "6.7.*"}, {"status": "unaffected", "version": "6.8", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["drivers/media/platform/rockchip/rkisp1/rkisp1-capture.c", "drivers/media/platform/rockchip/rkisp1/rkisp1-common.h", "drivers/media/platform/rockchip/rkisp1/rkisp1-csi.c", "drivers/media/platform/rockchip/rkisp1/rkisp1-dev.c", "drivers/media/platform/rockchip/rkisp1/rkisp1-isp.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/abd34206f396d3ae50cddbd5aa840b8cd7f68c63"}, {"url": "https://git.kernel.org/stable/c/b39b4d207d4f236a74e20d291f6356f2231fd9ee"}, {"url": "https://git.kernel.org/stable/c/edcf92bc66d8361c51dff953a55210e5cfd95587"}, {"url": "https://git.kernel.org/stable/c/ffb635bb398fc07cb38f8a7b4a82cbe5f412f08e"}], "x_generator": {"engine": "bippy-5f407fcff5a0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: rkisp1: Fix IRQ handling due to shared interrupts\n\nThe driver requests the interrupts as IRQF_SHARED, so the interrupt\nhandlers can be called at any time. If such a call happens while the ISP\nis powered down, the SoC will hang as the driver tries to access the\nISP registers.\n\nThis can be reproduced even without the platform sharing the IRQ line:\nEnable CONFIG_DEBUG_SHIRQ and unload the driver, and the board will\nhang.\n\nFix this by adding a new field, 'irqs_enabled', which is used to bail\nout from the interrupt handler when the ISP is not operational."}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2024-12-19T08:23:33.693Z"}}}, "cveMetadata": {"cveId": "CVE-2023-52660", "state": "PUBLISHED", "dateUpdated": "2024-12-19T08:23:33.693Z", "dateReserved": "2024-03-07T14:49:46.884Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-17T12:08:39.897Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: rkisp1: Fix IRQ handling due to shared interrupts\n\nThe driver requests the interrupts as IRQF_SHARED, so the interrupt\nhandlers can be called at any time. If such a call happens while the ISP\nis powered down, the SoC will hang as the driver tries to access the\nISP registers.\n\nThis can be reproduced even without the platform sharing the IRQ line:\nEnable CONFIG_DEBUG_SHIRQ and unload the driver, and the board will\nhang.\n\nFix this by adding a new field, 'irqs_enabled', which is used to bail\nout from the interrupt handler when the ISP is not operational."}, {"lang": "es", "value": " En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: media: rkisp1: Corrige el manejo de IRQ debido a interrupciones compartidas. El controlador solicita las interrupciones como IRQF_SHARED, por lo que se puede llamar a los controladores de interrupciones en cualquier momento. Si se produce una llamada de este tipo mientras el ISP est\u00e1 apagado, el SoC se bloquear\u00e1 cuando el controlador intente acceder a los registros del ISP. Esto se puede reproducir incluso sin que la plataforma comparta la l\u00ednea IRQ: habilite CONFIG_DEBUG_SHIRQ y descargue el controlador, y la placa se bloquear\u00e1. Solucione este problema agregando un nuevo campo, 'irqs_enabled', que se utiliza para salir del controlador de interrupciones cuando el ISP no est\u00e1 operativo."}], "id": "CVE-2023-52660", "lastModified": "2024-11-21T08:40:18.393", "metrics": {}, "published": "2024-05-17T13:15:57.770", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/abd34206f396d3ae50cddbd5aa840b8cd7f68c63"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/b39b4d207d4f236a74e20d291f6356f2231fd9ee"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/edcf92bc66d8361c51dff953a55210e5cfd95587"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/ffb635bb398fc07cb38f8a7b4a82cbe5f412f08e"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/abd34206f396d3ae50cddbd5aa840b8cd7f68c63"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/b39b4d207d4f236a74e20d291f6356f2231fd9ee"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/edcf92bc66d8361c51dff953a55210e5cfd95587"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/ffb635bb398fc07cb38f8a7b4a82cbe5f412f08e"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"bugzilla": {"description": "kernel: media: rkisp1: Fix IRQ handling due to shared interrupts", "id": "2281143", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281143"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nmedia: rkisp1: Fix IRQ handling due to shared interrupts\nThe driver requests the interrupts as IRQF_SHARED, so the interrupt\nhandlers can be called at any time. If such a call happens while the ISP\nis powered down, the SoC will hang as the driver tries to access the\nISP registers.\nThis can be reproduced even without the platform sharing the IRQ line:\nEnable CONFIG_DEBUG_SHIRQ and unload the driver, and the board will\nhang.\nFix this by adding a new field, 'irqs_enabled', which is used to bail\nout from the interrupt handler when the ISP is not operational."], "name": "CVE-2023-52660", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-17T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-52660\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-52660\nhttps://lore.kernel.org/linux-cve-announce/2024051755-CVE-2023-52660-6eac@gregkh/T"], "threat_severity": "Moderate"}