{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-12T14:43:36.208","vulnerabilities":[{"cve":{"id":"CVE-2023-52517","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-03-02T22:15:47.923","lastModified":"2025-01-13T18:54:30.323","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nspi: sun6i: fix race between DMA RX transfer completion and RX FIFO drain\n\nPreviously the transfer complete IRQ immediately drained to RX FIFO to\nread any data remaining in FIFO to the RX buffer. This behaviour is\ncorrect when dealing with SPI in interrupt mode. However in DMA mode the\ntransfer complete interrupt still fires as soon as all bytes to be\ntransferred have been stored in the FIFO. At that point data in the FIFO\nstill needs to be picked up by the DMA engine. Thus the drain procedure\nand DMA engine end up racing to read from RX FIFO, corrupting any data\nread. Additionally the RX buffer pointer is never adjusted according to\nDMA progress in DMA mode, thus calling the RX FIFO drain procedure in DMA\nmode is a bug.\nFix corruptions in DMA RX mode by draining RX FIFO only in interrupt mode.\nAlso wait for completion of RX DMA when in DMA mode before returning to\nensure all data has been copied to the supplied memory buffer."},{"lang":"es","value":"En el kernel de Linux, se resolvió la siguiente vulnerabilidad: spi: sun6i: corrigió la ejecución entre la finalización de la transferencia DMA RX y el drenaje FIFO RX Anteriormente, la IRQ completa de la transferencia se drenaba inmediatamente a RX FIFO para leer cualquier dato restante en FIFO al búfer RX. Este comportamiento es correcto cuando se trata de SPI en modo de interrupción. Sin embargo, en el modo DMA, la interrupción de transferencia completa aún se activa tan pronto como todos los bytes a transferir se hayan almacenado en el FIFO. En ese momento, el motor DMA todavía debe recoger los datos del FIFO. Por lo tanto, el procedimiento de drenaje y el motor DMA terminan corriendo para leer desde RX FIFO, corrompiendo cualquier lectura de datos. Además, el puntero del búfer RX nunca se ajusta según el progreso de DMA en modo DMA, por lo que llamar al procedimiento de drenaje FIFO de RX en modo DMA es un error. Corrija corrupciones en el modo DMA RX drenando RX FIFO solo en modo de interrupción. Espere también a que se complete RX DMA cuando esté en modo DMA antes de regresar para asegurarse de que todos los datos se hayan copiado en el búfer de memoria suministrado."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-362"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"5.15.134","matchCriteriaId":"AC2BFB97-FE0F-4C79-9818-2EDA2532E918"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.56","matchCriteriaId":"5EA89569-DD45-4A69-BB4D-8356FA9386BD"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.5.6","matchCriteriaId":"870FC772-173A-4A0F-B1AF-7976AD6057D3"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/1f11f4202caf5710204d334fe63392052783876d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/36b29974a7ad2ff604c24ad348f940506c7b1209","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/4e149d524678431638ff378ef6025e4e89b71097","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/bd1ec7f9983b5cd3c77e0f7cda3fa8aed041af2f","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/1f11f4202caf5710204d334fe63392052783876d","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/36b29974a7ad2ff604c24ad348f940506c7b1209","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/4e149d524678431638ff378ef6025e4e89b71097","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/bd1ec7f9983b5cd3c77e0f7cda3fa8aed041af2f","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]}]}}]}