cve/published/2024/CVE-2024-53152.json - pub/scm/linux/security/vulns - Git at Google

 {
    "containers": {
       "cna": {
          "providerMetadata": {
             "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038"
          },
          "descriptions": [
             {
                "lang": "en",
                "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: tegra194: Move controller cleanups to pex_ep_event_pex_rst_deassert()\n\nCurrently, the endpoint cleanup function dw_pcie_ep_cleanup() and EPF\ndeinit notify function pci_epc_deinit_notify() are called during the\nexecution of pex_ep_event_pex_rst_assert() i.e., when the host has asserted\nPERST#. But quickly after this step, refclk will also be disabled by the\nhost.\n\nAll of the tegra194 endpoint SoCs supported as of now depend on the refclk\nfrom the host for keeping the controller operational. Due to this\nlimitation, any access to the hardware registers in the absence of refclk\nwill result in a whole endpoint crash. Unfortunately, most of the\ncontroller cleanups require accessing the hardware registers (like eDMA\ncleanup performed in dw_pcie_ep_cleanup(), etc...). So these cleanup\nfunctions can cause the crash in the endpoint SoC once host asserts PERST#.\n\nOne way to address this issue is by generating the refclk in the endpoint\nitself and not depending on the host. But that is not always possible as\nsome of the endpoint designs do require the endpoint to consume refclk from\nthe host.\n\nThus, fix this crash by moving the controller cleanups to the start of\nthe pex_ep_event_pex_rst_deassert() function. This function is called\nwhenever the host has deasserted PERST# and it is guaranteed that the\nrefclk would be active at this point. So at the start of this function\n(after enabling resources) the controller cleanup can be performed. Once\nfinished, rest of the code execution for PERST# deassert can continue as\nusual."
             }
          ],
          "affected": [
             {
                "product": "Linux",
                "vendor": "Linux",
                "defaultStatus": "unaffected",
                "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
                "programFiles": [
                   "drivers/pci/controller/dwc/pcie-tegra194.c"
                ],
                "versions": [
                   {
                      "version": "570d7715eed8a29ac5bd96c7694f060a991e5a31",
                      "lessThan": "70212c2300971506e986d95000d2745529cac9d7",
                      "status": "affected",
                      "versionType": "git"
                   },
                   {
                      "version": "570d7715eed8a29ac5bd96c7694f060a991e5a31",
                      "lessThan": "72034050ccf4202cd6558b0afd2474f756ea3b9b",
                      "status": "affected",
                      "versionType": "git"
                   },
                   {
                      "version": "570d7715eed8a29ac5bd96c7694f060a991e5a31",
                      "lessThan": "40e2125381dc11379112485e3eefdd25c6df5375",
                      "status": "affected",
                      "versionType": "git"
                   }
                ]
             },
             {
                "product": "Linux",
                "vendor": "Linux",
                "defaultStatus": "affected",
                "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
                "programFiles": [
                   "drivers/pci/controller/dwc/pcie-tegra194.c"
                ],
                "versions": [
                   {
                      "version": "6.10",
                      "status": "affected"
                   },
                   {
                      "version": "0",
                      "lessThan": "6.10",
                      "status": "unaffected",
                      "versionType": "semver"
                   },
                   {
                      "version": "6.11.11",
                      "lessThanOrEqual": "6.11.*",
                      "status": "unaffected",
                      "versionType": "semver"
                   },
                   {
                      "version": "6.12.2",
                      "lessThanOrEqual": "6.12.*",
                      "status": "unaffected",
                      "versionType": "semver"
                   },
                   {
                      "version": "6.13",
                      "lessThanOrEqual": "*",
                      "status": "unaffected",
                      "versionType": "original_commit_for_fix"
                   }
                ]
             }
          ],
          "cpeApplicability": [
             {
                "nodes": [
                   {
                      "operator": "OR",
                      "negate": false,
                      "cpeMatch": [
                         {
                            "vulnerable": true,
                            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                            "versionStartIncluding": "6.10",
                            "versionEndExcluding": "6.11.11"
                         },
                         {
                            "vulnerable": true,
                            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                            "versionStartIncluding": "6.10",
                            "versionEndExcluding": "6.12.2"
                         },
                         {
                            "vulnerable": true,
                            "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                            "versionStartIncluding": "6.10",
                            "versionEndExcluding": "6.13"
                         }
                      ]
                   }
                ]
             }
          ],
          "references": [
             {
                "url": "https://git.kernel.org/stable/c/70212c2300971506e986d95000d2745529cac9d7"
             },
             {
                "url": "https://git.kernel.org/stable/c/72034050ccf4202cd6558b0afd2474f756ea3b9b"
             },
             {
                "url": "https://git.kernel.org/stable/c/40e2125381dc11379112485e3eefdd25c6df5375"
             }
          ],
          "title": "PCI: tegra194: Move controller cleanups to pex_ep_event_pex_rst_deassert()",
          "x_generator": {
             "engine": "bippy-1.2.0"
          }
       }
    },
    "cveMetadata": {
       "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038",
       "cveID": "CVE-2024-53152",
       "requesterUserId": "gregkh@kernel.org",
       "serial": "1",
       "state": "PUBLISHED"
    },
    "dataType": "CVE_RECORD",
    "dataVersion": "5.0"
 }
	{
	"containers": {
	"cna": {
	"providerMetadata": {
	"orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038"
	},
	"descriptions": [
	{
	"lang": "en",
	"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nPCI: tegra194: Move controller cleanups to pex_ep_event_pex_rst_deassert()\n\nCurrently, the endpoint cleanup function dw_pcie_ep_cleanup() and EPF\ndeinit notify function pci_epc_deinit_notify() are called during the\nexecution of pex_ep_event_pex_rst_assert() i.e., when the host has asserted\nPERST#. But quickly after this step, refclk will also be disabled by the\nhost.\n\nAll of the tegra194 endpoint SoCs supported as of now depend on the refclk\nfrom the host for keeping the controller operational. Due to this\nlimitation, any access to the hardware registers in the absence of refclk\nwill result in a whole endpoint crash. Unfortunately, most of the\ncontroller cleanups require accessing the hardware registers (like eDMA\ncleanup performed in dw_pcie_ep_cleanup(), etc...). So these cleanup\nfunctions can cause the crash in the endpoint SoC once host asserts PERST#.\n\nOne way to address this issue is by generating the refclk in the endpoint\nitself and not depending on the host. But that is not always possible as\nsome of the endpoint designs do require the endpoint to consume refclk from\nthe host.\n\nThus, fix this crash by moving the controller cleanups to the start of\nthe pex_ep_event_pex_rst_deassert() function. This function is called\nwhenever the host has deasserted PERST# and it is guaranteed that the\nrefclk would be active at this point. So at the start of this function\n(after enabling resources) the controller cleanup can be performed. Once\nfinished, rest of the code execution for PERST# deassert can continue as\nusual."
	}
	],
	"affected": [
	{
	"product": "Linux",
	"vendor": "Linux",
	"defaultStatus": "unaffected",
	"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
	"programFiles": [
	"drivers/pci/controller/dwc/pcie-tegra194.c"
	],
	"versions": [
	{
	"version": "570d7715eed8a29ac5bd96c7694f060a991e5a31",
	"lessThan": "70212c2300971506e986d95000d2745529cac9d7",
	"status": "affected",
	"versionType": "git"
	},
	{
	"version": "570d7715eed8a29ac5bd96c7694f060a991e5a31",
	"lessThan": "72034050ccf4202cd6558b0afd2474f756ea3b9b",
	"status": "affected",
	"versionType": "git"
	},
	{
	"version": "570d7715eed8a29ac5bd96c7694f060a991e5a31",
	"lessThan": "40e2125381dc11379112485e3eefdd25c6df5375",
	"status": "affected",
	"versionType": "git"
	}
	]
	},
	{
	"product": "Linux",
	"vendor": "Linux",
	"defaultStatus": "affected",
	"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
	"programFiles": [
	"drivers/pci/controller/dwc/pcie-tegra194.c"
	],
	"versions": [
	{
	"version": "6.10",
	"status": "affected"
	},
	{
	"version": "0",
	"lessThan": "6.10",
	"status": "unaffected",
	"versionType": "semver"
	},
	{
	"version": "6.11.11",
	"lessThanOrEqual": "6.11.*",
	"status": "unaffected",
	"versionType": "semver"
	},
	{
	"version": "6.12.2",
	"lessThanOrEqual": "6.12.*",
	"status": "unaffected",
	"versionType": "semver"
	},
	{
	"version": "6.13",
	"lessThanOrEqual": "*",
	"status": "unaffected",
	"versionType": "original_commit_for_fix"
	}
	]
	}
	],
	"cpeApplicability": [
	{
	"nodes": [
	{
	"operator": "OR",
	"negate": false,
	"cpeMatch": [
	{
	"vulnerable": true,
	"criteria": "cpe:2.3:o:linux:linux_kernel::::::::",
	"versionStartIncluding": "6.10",
	"versionEndExcluding": "6.11.11"
	},
	{
	"vulnerable": true,
	"criteria": "cpe:2.3:o:linux:linux_kernel::::::::",
	"versionStartIncluding": "6.10",
	"versionEndExcluding": "6.12.2"
	},
	{
	"vulnerable": true,
	"criteria": "cpe:2.3:o:linux:linux_kernel::::::::",
	"versionStartIncluding": "6.10",
	"versionEndExcluding": "6.13"
	}
	]
	}
	]
	}
	],
	"references": [
	{
	"url": "https://git.kernel.org/stable/c/70212c2300971506e986d95000d2745529cac9d7"
	},
	{
	"url": "https://git.kernel.org/stable/c/72034050ccf4202cd6558b0afd2474f756ea3b9b"
	},
	{
	"url": "https://git.kernel.org/stable/c/40e2125381dc11379112485e3eefdd25c6df5375"
	}
	],
	"title": "PCI: tegra194: Move controller cleanups to pex_ep_event_pex_rst_deassert()",
	"x_generator": {
	"engine": "bippy-1.2.0"
	}
	}
	},
	"cveMetadata": {
	"assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038",
	"cveID": "CVE-2024-53152",
	"requesterUserId": "gregkh@kernel.org",
	"serial": "1",
	"state": "PUBLISHED"
	},
	"dataType": "CVE_RECORD",
	"dataVersion": "5.0"
	}