What is the severity of CVE-2023-52613?

The severity of CVE-2023-52613 is classified as medium due to the potential impact on thermal management in the Linux kernel.

What causes CVE-2023-52613?

CVE-2023-52613 is caused by incorrect usage of the PTR_ERR() function in the thermal driver for Loongson2, leading to improper handling of undefined thermal zones.

How do I fix CVE-2023-52613?

To fix CVE-2023-52613, you should update to the latest version of the Linux kernel that addresses this vulnerability.

Which versions of the Linux kernel are affected by CVE-2023-52613?

CVE-2023-52613 affects Linux kernel versions from 6.6.0 to 6.6.14 and from 6.7.0 to 6.7.2.

Is CVE-2023-52613 a remote attack vector vulnerability?

No, CVE-2023-52613 does not provide a remote attack vector; it requires local access to exploit the vulnerability in the kernel.

Vulnerability/
CVE-2023-52613

medium

5.5

CWE

476

18/3/2024

8/4/2025

CVE-2023-52613: drivers/thermal/loongson2_thermal: Fix incorrect PTR_ERR() judgment

First published: Mon Mar 18 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: drivers/thermal/loongson2_thermal: Fix incorrect PTR_ERR() judgment PTR_ERR() returns -ENODEV when thermal-zones are undefined, and we need -ENODEV as the right value for comparison. Otherwise, tz->type is NULL when thermal-zones is undefined, resulting in the following error: [ 12.290030] CPU 1 Unable to handle kernel paging request at virtual address fffffffffffffff1, era == 900000000355f410, ra == 90000000031579b8 [ 12.302877] Oops[#1]: [ 12.305190] CPU: 1 PID: 181 Comm: systemd-udevd Not tainted 6.6.0-rc7+ #5385 [ 12.312304] pc 900000000355f410 ra 90000000031579b8 tp 90000001069e8000 sp 90000001069eba10 [ 12.320739] a0 0000000000000000 a1 fffffffffffffff1 a2 0000000000000014 a3 0000000000000001 [ 12.329173] a4 90000001069eb990 a5 0000000000000001 a6 0000000000001001 a7 900000010003431c [ 12.337606] t0 fffffffffffffff1 t1 54567fd5da9b4fd4 t2 900000010614ec40 t3 00000000000dc901 [ 12.346041] t4 0000000000000000 t5 0000000000000004 t6 900000010614ee20 t7 900000000d00b790 [ 12.354472] t8 00000000000dc901 u0 54567fd5da9b4fd4 s9 900000000402ae10 s0 900000010614ec40 [ 12.362916] s1 90000000039fced0 s2 ffffffffffffffed s3 ffffffffffffffed s4 9000000003acc000 [ 12.362931] s5 0000000000000004 s6 fffffffffffff000 s7 0000000000000490 s8 90000001028b2ec8 [ 12.362938] ra: 90000000031579b8 thermal_add_hwmon_sysfs+0x258/0x300 [ 12.386411] ERA: 900000000355f410 strscpy+0xf0/0x160 [ 12.391626] CRMD: 000000b0 (PLV0 -IE -DA +PG DACF=CC DACM=CC -WE) [ 12.397898] PRMD: 00000004 (PPLV0 +PIE -PWE) [ 12.403678] EUEN: 00000000 (-FPE -SXE -ASXE -BTE) [ 12.409859] ECFG: 00071c1c (LIE=2-4,10-12 VS=7) [ 12.415882] ESTAT: 00010000 [PIL] (IS= ECode=1 EsubCode=0) [ 12.415907] BADV: fffffffffffffff1 [ 12.415911] PRID: 0014a000 (Loongson-64bit, Loongson-2K1000) [ 12.415917] Modules linked in: loongson2_thermal(+) vfat fat uio_pdrv_genirq uio fuse zram zsmalloc [ 12.415950] Process systemd-udevd (pid: 181, threadinfo=00000000358b9718, task=00000000ace72fe3) [ 12.415961] Stack : 0000000000000dc0 54567fd5da9b4fd4 900000000402ae10 9000000002df9358 [ 12.415982] ffffffffffffffed 0000000000000004 9000000107a10aa8 90000001002a3410 [ 12.415999] ffffffffffffffed ffffffffffffffed 9000000107a11268 9000000003157ab0 [ 12.416016] 9000000107a10aa8 ffffff80020fc0c8 90000001002a3410 ffffffffffffffed [ 12.416032] 0000000000000024 ffffff80020cc1e8 900000000402b2a0 9000000003acc000 [ 12.416048] 90000001002a3410 0000000000000000 ffffff80020f4030 90000001002a3410 [ 12.416065] 0000000000000000 9000000002df6808 90000001002a3410 0000000000000000 [ 12.416081] ffffff80020f4030 0000000000000000 90000001002a3410 9000000002df2ba8 [ 12.416097] 00000000000000b4 90000001002a34f4 90000001002a3410 0000000000000002 [ 12.416114] ffffff80020f4030 fffffffffffffff0 90000001002a3410 9000000002df2f30 [ 12.416131] ... [ 12.416138] Call Trace: [ 12.416142] [<900000000355f410>] strscpy+0xf0/0x160 [ 12.416167] [<90000000031579b8>] thermal_add_hwmon_sysfs+0x258/0x300 [ 12.416183] [<9000000003157ab0>] devm_thermal_add_hwmon_sysfs+0x50/0xe0 [ 12.416200] [<ffffff80020cc1e8>] loongson2_thermal_probe+0x128/0x200 [loongson2_thermal] [ 12.416232] [<9000000002df6808>] platform_probe+0x68/0x140 [ 12.416249] [<9000000002df2ba8>] really_probe+0xc8/0x3c0 [ 12.416269] [<9000000002df2f30>] __driver_probe_device+0x90/0x180 [ 12.416286] [<9000000002df3058>] driver_probe_device+0x38/0x160 [ 12.416302] [<9000000002df33a8>] __driver_attach+0xa8/0x200 [ 12.416314] [<9000000002deffec>] bus_for_each_dev+0x8c/0x120 [ 12.416330] [<9000000002df198c>] bus_add_driver+0x10c/0x2a0 [ 12.416346] [<9000000002df46b4>] driver_register+0x74/0x160 [ 12.416358] [<90000000022201a4>] do_one_initcall+0x84/0x220 [ 12.416372] [<90000000022f3ab8>] do_init_module+0x58/0x2c0 [ ---truncated---

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected Software	Affected Version	How to fix
Red Hat Kernel-devel
Linux Kernel	>=6.6<6.6.14
Linux Kernel	>=6.7<6.7.2

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2023-52613?
The severity of CVE-2023-52613 is classified as medium due to the potential impact on thermal management in the Linux kernel.
What causes CVE-2023-52613?
CVE-2023-52613 is caused by incorrect usage of the PTR_ERR() function in the thermal driver for Loongson2, leading to improper handling of undefined thermal zones.
How do I fix CVE-2023-52613?
To fix CVE-2023-52613, you should update to the latest version of the Linux kernel that addresses this vulnerability.
Which versions of the Linux kernel are affected by CVE-2023-52613?
CVE-2023-52613 affects Linux kernel versions from 6.6.0 to 6.6.14 and from 6.7.0 to 6.7.2.
Is CVE-2023-52613 a remote attack vector vulnerability?
No, CVE-2023-52613 does not provide a remote attack vector; it requires local access to exploit the vulnerability in the kernel.

agent/title
agent/type
agent/references
agent/description
agent/first-publish-date
agent/author
agent/severity
collector/mitre-cve
source/MITRE
agent/source
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
agent/tags
agent/weakness
agent/last-modified-date
agent/remedy
agent/softwarecombine
agent/event
collector/nvd-api
source/NVD
vendor/linux
canonical/red hat kernel-devel
canonical/linux kernel
version/linux kernel/6.6
version/linux kernel/6.7

CVE-2023-52613: drivers/thermal/loongson2_thermal: Fix incorrect PTR_ERR() judgment

Remedy

Remedy

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2023-52613?

What causes CVE-2023-52613?

How do I fix CVE-2023-52613?

Which versions of the Linux kernel are affected by CVE-2023-52613?

Is CVE-2023-52613 a remote attack vector vulnerability?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2023-52613?

What causes CVE-2023-52613?

How do I fix CVE-2023-52613?

Which versions of the Linux kernel are affected by CVE-2023-52613?

Is CVE-2023-52613 a remote attack vector vulnerability?