{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2023-54118", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-12-24T13:02:52.520Z", "datePublished": "2025-12-24T13:06:38.998Z", "dateUpdated": "2025-12-24T13:06:38.998Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-12-24T13:06:38.998Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: sc16is7xx: setup GPIO controller later in probe\n\nThe GPIO controller component of the sc16is7xx driver is setup too\nearly, which can result in a race condition where another device tries\nto utilise the GPIO lines before the sc16is7xx device has finished\ninitialising.\n\nThis issue manifests itself as an Oops when the GPIO lines are configured:\n\n Unable to handle kernel read from unreadable memory at virtual address\n ...\n pc : sc16is7xx_gpio_direction_output+0x68/0x108 [sc16is7xx]\n lr : sc16is7xx_gpio_direction_output+0x4c/0x108 [sc16is7xx]\n ...\n Call trace:\n sc16is7xx_gpio_direction_output+0x68/0x108 [sc16is7xx]\n gpiod_direction_output_raw_commit+0x64/0x318\n gpiod_direction_output+0xb0/0x170\n create_gpio_led+0xec/0x198\n gpio_led_probe+0x16c/0x4f0\n platform_drv_probe+0x5c/0xb0\n really_probe+0xe8/0x448\n driver_probe_device+0xe8/0x138\n __device_attach_driver+0x94/0x118\n bus_for_each_drv+0x8c/0xe0\n __device_attach+0x100/0x1b8\n device_initial_probe+0x28/0x38\n bus_probe_device+0xa4/0xb0\n deferred_probe_work_func+0x90/0xe0\n process_one_work+0x1c4/0x480\n worker_thread+0x54/0x430\n kthread+0x138/0x150\n ret_from_fork+0x10/0x1c\n\nThis patch moves the setup of the GPIO controller functions to later in the\nprobe function, ensuring the sc16is7xx device has already finished\ninitialising by the time other devices try to make use of the GPIO lines.\nThe error handling has also been reordered to reflect the new\ninitialisation order."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/tty/serial/sc16is7xx.c"], "versions": [{"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "17b96b5c19bec791b433890549e44ca523dc82aa", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "49b326ce8a686428d8cbb82ed74fc88ed3f95a51", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "f57c2164d082a36d177ab7fbf54c18970df89c22", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "b71ff206707855ce73c04794c76f7b678b2d4f72", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "c8f71b49ee4d28930c4a6798d1969fa91dc4ef3e", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/tty/serial/sc16is7xx.c"], "versions": [{"version": "5.10.173", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.100", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.18", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.2.5", "lessThanOrEqual": "6.2.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.3", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "5.10.173"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "5.15.100"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.1.18"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.2.5"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.3"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/17b96b5c19bec791b433890549e44ca523dc82aa"}, {"url": "https://git.kernel.org/stable/c/49b326ce8a686428d8cbb82ed74fc88ed3f95a51"}, {"url": "https://git.kernel.org/stable/c/f57c2164d082a36d177ab7fbf54c18970df89c22"}, {"url": "https://git.kernel.org/stable/c/b71ff206707855ce73c04794c76f7b678b2d4f72"}, {"url": "https://git.kernel.org/stable/c/c8f71b49ee4d28930c4a6798d1969fa91dc4ef3e"}], "title": "serial: sc16is7xx: setup GPIO controller later in probe", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nserial: sc16is7xx: setup GPIO controller later in probe\n\nThe GPIO controller component of the sc16is7xx driver is setup too\nearly, which can result in a race condition where another device tries\nto utilise the GPIO lines before the sc16is7xx device has finished\ninitialising.\n\nThis issue manifests itself as an Oops when the GPIO lines are configured:\n\n Unable to handle kernel read from unreadable memory at virtual address\n ...\n pc : sc16is7xx_gpio_direction_output+0x68/0x108 [sc16is7xx]\n lr : sc16is7xx_gpio_direction_output+0x4c/0x108 [sc16is7xx]\n ...\n Call trace:\n sc16is7xx_gpio_direction_output+0x68/0x108 [sc16is7xx]\n gpiod_direction_output_raw_commit+0x64/0x318\n gpiod_direction_output+0xb0/0x170\n create_gpio_led+0xec/0x198\n gpio_led_probe+0x16c/0x4f0\n platform_drv_probe+0x5c/0xb0\n really_probe+0xe8/0x448\n driver_probe_device+0xe8/0x138\n __device_attach_driver+0x94/0x118\n bus_for_each_drv+0x8c/0xe0\n __device_attach+0x100/0x1b8\n device_initial_probe+0x28/0x38\n bus_probe_device+0xa4/0xb0\n deferred_probe_work_func+0x90/0xe0\n process_one_work+0x1c4/0x480\n worker_thread+0x54/0x430\n kthread+0x138/0x150\n ret_from_fork+0x10/0x1c\n\nThis patch moves the setup of the GPIO controller functions to later in the\nprobe function, ensuring the sc16is7xx device has already finished\ninitialising by the time other devices try to make use of the GPIO lines.\nThe error handling has also been reordered to reflect the new\ninitialisation order."}], "id": "CVE-2023-54118", "lastModified": "2025-12-24T13:16:13.737", "metrics": {}, "published": "2025-12-24T13:16:13.737", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/17b96b5c19bec791b433890549e44ca523dc82aa"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/49b326ce8a686428d8cbb82ed74fc88ed3f95a51"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/b71ff206707855ce73c04794c76f7b678b2d4f72"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/c8f71b49ee4d28930c4a6798d1969fa91dc4ef3e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/f57c2164d082a36d177ab7fbf54c18970df89c22"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Received"}

{}

{}