CVE-2023-52511
Last modified
CVE-2023-52511 is a medium-severity vulnerability rated 5.3/10 on the CVSS scale. In the Linux kernel, the following vulnerability has been resolved: spi: sun6i: reduce DMA RX transfer width to single byte Through empirical testing it has been determined that sometimes RX SPI transfers with DMA enabled return corrupted data. This is down to single or even multiple bytes lost during DMA transfer from SPI peripheral to memory. EPSS estimates a 0.81% chance of exploitation in the next 30 days.
Description
In the Linux kernel, the following vulnerability has been resolved: spi: sun6i: reduce DMA RX transfer width to single byte Through empirical testing it has been determined that sometimes RX SPI transfers with DMA enabled return corrupted data. This is down to single or even multiple bytes lost during DMA transfer from SPI peripheral to memory. It seems the RX FIFO within the SPI peripheral can become confused when performing bus read accesses wider than a single byte to it during an active SPI transfer. This patch reduces the width of individual DMA read accesses to the RX FIFO to a single byte to mitigate that issue.
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Linux | Linux Kernel | < 5.15.134 |
| Linux | Linux Kernel | >= 5.16, < 6.1.56 |
| Linux | Linux Kernel | >= 6.2, < 6.5.6 |
References
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2023-52511?
How severe is CVE-2023-52511?
How do I fix CVE-2023-52511?
Are you affected by CVE-2023-52511?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST