medium
5.3
EPSS
0.026%
Advisory Published
Updated

CVE-2023-52511: spi: sun6i: reduce DMA RX transfer width to single byte

First published: Sat Mar 02 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: spi: sun6i: reduce DMA RX transfer width to single byte Through empirical testing it has been determined that sometimes RX SPI transfers with DMA enabled return corrupted data. This is down to single or even multiple bytes lost during DMA transfer from SPI peripheral to memory. It seems the RX FIFO within the SPI peripheral can become confused when performing bus read accesses wider than a single byte to it during an active SPI transfer. This patch reduces the width of individual DMA read accesses to the RX FIFO to a single byte to mitigate that issue.

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected SoftwareAffected VersionHow to fix
Red Hat Kernel-devel
Linux Kernel<5.15.134
Linux Kernel>=5.16<6.1.56
Linux Kernel>=6.2<6.5.6

Remedy

https://git.kernel.org/stable/c/171f8a49f212e87a8b04087568e1b3d132e36a18

Remedy

https://git.kernel.org/stable/c/b3c21c9c7289692f4019f163c3b06d8bdf78b355

Remedy

https://git.kernel.org/stable/c/e15bb292b24630ee832bfc7fd616bd72c7682bbb

Remedy

https://git.kernel.org/stable/c/ff05ed4ae214011464a0156f05cac1b0b46b5fbc

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2023-52511?

    CVE-2023-52511 has been assessed with a medium severity due to the potential for data corruption during RX SPI transfers.

  • How do I fix CVE-2023-52511?

    To remediate CVE-2023-52511, update your Linux kernel to the latest version where this vulnerability has been addressed.

  • What systems are affected by CVE-2023-52511?

    CVE-2023-52511 affects systems running the Linux kernel, particularly those using SPI with DMA enabled.

  • What is the impact of CVE-2023-52511?

    The impact of CVE-2023-52511 includes the possibility of receiving corrupted data from DMA RX transfers in SPI communication.

  • When was CVE-2023-52511 disclosed?

    CVE-2023-52511 was disclosed in 2023, and specific patches have been made available shortly thereafter.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203