CVE-2023-52511

low-risk
Published 2024-03-02

In the Linux kernel, the following vulnerability has been resolved: spi: sun6i: reduce DMA RX transfer width to single byte Through empirical testing it has been determined that sometimes RX SPI transfers with DMA enabled return corrupted data. This is down to single or even multiple bytes lost during DMA transfer from SPI peripheral to memory. It seems the RX FIFO within the SPI peripheral can become confused when performing bus read accesses wider than a single byte to it during an active SPI transfer. This patch reduces the width of individual DMA read accesses to the RX FIFO to a single byte to mitigate that issue.

Do I need to act?

-
0.04% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.3/10 Medium
NETWORK / LOW complexity

Affected Products (1)

Affected Vendors

Linux

References (8)

Patch https://git.kernel.org/stable/c/171f8a49f212e87a8b04087568e1b3d132e36a18
Patch https://git.kernel.org/stable/c/b3c21c9c7289692f4019f163c3b06d8bdf78b355
Patch https://git.kernel.org/stable/c/e15bb292b24630ee832bfc7fd616bd72c7682bbb
Patch https://git.kernel.org/stable/c/ff05ed4ae214011464a0156f05cac1b0b46b5fbc
Patch https://git.kernel.org/stable/c/171f8a49f212e87a8b04087568e1b3d132e36a18
Patch https://git.kernel.org/stable/c/b3c21c9c7289692f4019f163c3b06d8bdf78b355
Patch https://git.kernel.org/stable/c/e15bb292b24630ee832bfc7fd616bd72c7682bbb
Patch https://git.kernel.org/stable/c/ff05ed4ae214011464a0156f05cac1b0b46b5fbc
26
/ 100
low-risk
Severity 21/34 · High
Exploitability 0/34 · Minimal
Exposure 5/34 · Minimal