CVE-2023-52498
Published: Feb 29, 2024
Modified: May 23, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: PM: sleep: Fix possible deadlocks in core system-wide PM code It is reported that in low-memory situations the system-wide resume core code deadlocks, because async_schedule_dev() executes its argument function synchronously if it cannot allocate memory (and not only in that case) and that function attempts to acquire a mutex that is already held. Executing the argument function synchronously from within dpm_async_fn() may also be problematic for ordering reasons (it may cause a consumer device's resume callback to be invoked before a requisite supplier device's one, for example). Address this by changing the code in question to use async_schedule_dev_nocall() for scheduling the asynchronous execution of device suspend and resume functions and to directly run them synchronously if async_schedule_dev_nocall() returns false.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 0552e05fdfea191a2cf3a0abd33574b5ef9ca818 - < f46eb832389f162ad13cb780d0b8cde93641990daffected 0552e05fdfea191a2cf3a0abd33574b5ef9ca818 - < a1d62c775b07213c73f81ae842424c74dd14b5f0affected 0552e05fdfea191a2cf3a0abd33574b5ef9ca818 - < e1c9d32c98309ae764893a481552d3f99d46cb34affected 0552e05fdfea191a2cf3a0abd33574b5ef9ca818 - < e681e29d1f59a04ef773296e4bebb17b1b79f8feaffected 0552e05fdfea191a2cf3a0abd33574b5ef9ca818 - < 9bd3dce27b01c51295b60e1433e1dadfb16649f7+9 more versions |
Linux | Linux | affected 5.6unaffected 0 - < 5.6unaffected 5.10.210 - <= 5.10.*unaffected 5.15.149 - <= 5.15.*unaffected 6.1.76 - <= 6.1.*+3 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now