ghsa-9prw-2r97-97f6
Vulnerability from github
Published
2024-03-03 00:30
Modified
2024-11-06 21:30
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Details

In the Linux kernel, the following vulnerability has been resolved:

spi: sun6i: reduce DMA RX transfer width to single byte

Through empirical testing it has been determined that sometimes RX SPI transfers with DMA enabled return corrupted data. This is down to single or even multiple bytes lost during DMA transfer from SPI peripheral to memory. It seems the RX FIFO within the SPI peripheral can become confused when performing bus read accesses wider than a single byte to it during an active SPI transfer.

This patch reduces the width of individual DMA read accesses to the RX FIFO to a single byte to mitigate that issue.

Show details on source website

To clipboard 

{
  "affected": [],
  "aliases": [
    "CVE-2023-52511"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-03-02T22:15:47Z",
    "severity": "MODERATE"
  },
  "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: sun6i: reduce DMA RX transfer width to single byte\n\nThrough empirical testing it has been determined that sometimes RX SPI\ntransfers with DMA enabled return corrupted data. This is down to single\nor even multiple bytes lost during DMA transfer from SPI peripheral to\nmemory. It seems the RX FIFO within the SPI peripheral can become\nconfused when performing bus read accesses wider than a single byte to it\nduring an active SPI transfer.\n\nThis patch reduces the width of individual DMA read accesses to the\nRX FIFO to a single byte to mitigate that issue.",
  "id": "GHSA-9prw-2r97-97f6",
  "modified": "2024-11-06T21:30:53Z",
  "published": "2024-03-03T00:30:31Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52511"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/171f8a49f212e87a8b04087568e1b3d132e36a18"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/b3c21c9c7289692f4019f163c3b06d8bdf78b355"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/e15bb292b24630ee832bfc7fd616bd72c7682bbb"
    },
    {
      "type": "WEB",
      "url": "https://git.kernel.org/stable/c/ff05ed4ae214011464a0156f05cac1b0b46b5fbc"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
      "type": "CVSS_V3"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.