CVE-2023-53475

{"id": "CVE-2023-53475", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2025-10-01T12:15:49.830", "references": [{"url": "https://git.kernel.org/stable/c/1122474b757a5dd8b2b50008a97f33cdb10dff6e", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/130c61c516cd0684282a8f6ab163281d60642fc5", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/1fe6015aa92cc0dfd875c1d3c7c1750a1b0767d9", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/4c7f9d2e413dc06a157c4e5dccde84aaf4655eb3", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/b4b4f17aa46c025da77aed5133b08971959c9684", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: xhci: tegra: fix sleep in atomic call\n\nWhen we set the dual-role port to Host mode, we observed the following\nsplat:\n[ 167.057718] BUG: sleeping function called from invalid context at\ninclude/linux/sched/mm.h:229\n[ 167.057872] Workqueue: events tegra_xusb_usb_phy_work\n[ 167.057954] Call trace:\n[ 167.057962] dump_backtrace+0x0/0x210\n[ 167.057996] show_stack+0x30/0x50\n[ 167.058020] dump_stack_lvl+0x64/0x84\n[ 167.058065] dump_stack+0x14/0x34\n[ 167.058100] __might_resched+0x144/0x180\n[ 167.058140] __might_sleep+0x64/0xd0\n[ 167.058171] slab_pre_alloc_hook.constprop.0+0xa8/0x110\n[ 167.058202] __kmalloc_track_caller+0x74/0x2b0\n[ 167.058233] kvasprintf+0xa4/0x190\n[ 167.058261] kasprintf+0x58/0x90\n[ 167.058285] tegra_xusb_find_port_node.isra.0+0x58/0xd0\n[ 167.058334] tegra_xusb_find_port+0x38/0xa0\n[ 167.058380] tegra_xusb_padctl_get_usb3_companion+0x38/0xd0\n[ 167.058430] tegra_xhci_id_notify+0x8c/0x1e0\n[ 167.058473] notifier_call_chain+0x88/0x100\n[ 167.058506] atomic_notifier_call_chain+0x44/0x70\n[ 167.058537] tegra_xusb_usb_phy_work+0x60/0xd0\n[ 167.058581] process_one_work+0x1dc/0x4c0\n[ 167.058618] worker_thread+0x54/0x410\n[ 167.058650] kthread+0x188/0x1b0\n[ 167.058672] ret_from_fork+0x10/0x20\n\nThe function tegra_xusb_padctl_get_usb3_companion eventually calls\ntegra_xusb_find_port and this in turn calls kasprintf which might sleep\nand so cannot be called from an atomic context.\n\nFix this by moving the call to tegra_xusb_padctl_get_usb3_companion to\nthe tegra_xhci_id_work function where it is really needed."}], "lastModified": "2026-01-20T16:45:08.810", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D3DC0843-B5C3-493A-9307-674DEB6821FB", "versionEndExcluding": "5.10.178", "versionStartIncluding": "5.7"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6BCC0C73-754E-4985-A087-F74888650709", "versionEndExcluding": "5.15.107", "versionStartIncluding": "5.11"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E6EC432F-985F-450F-954E-7EAD42ADA1F8", "versionEndExcluding": "6.1.24", "versionStartIncluding": "5.16"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "93C03C9A-798F-4CD5-912F-A436BFA0CC7E", "versionEndExcluding": "6.2.11", "versionStartIncluding": "6.2"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc1:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B8E3B0E8-FA27-4305-87BB-AF6C25B160CB"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A47F0FC3-CE52-4BA1-BA51-22F783938431"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3583026A-27EC-4A4C-850A-83F2AF970673"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc4:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "DC271202-7570-4505-89A4-D602D47BFD00"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:6.3:rc5:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D413BB6D-4F74-4C7D-9163-47786619EF53"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}