CVE-2023-52615

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-52615
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-52615.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-52615
Downstream
Related
Published
2024-03-18T10:14:45.503Z
Modified
2026-03-14T12:23:13.185933Z
Summary
hwrng: core - Fix page fault dead lock on mmap-ed hwrng
Details

In the Linux kernel, the following vulnerability has been resolved:

hwrng: core - Fix page fault dead lock on mmap-ed hwrng

There is a dead-lock in the hwrng device read path. This triggers when the user reads from /dev/hwrng into memory also mmap-ed from /dev/hwrng. The resulting page fault triggers a recursive read which then dead-locks.

Fix this by using a stack buffer when calling copytouser.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52615.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
9996508b3353063f2d6c48c1a28a84543d72d70b
Fixed
eafd83b92f6c044007a3591cbd476bcf90455990
Fixed
5030d4c798863ccb266563201b341a099e8cdd48
Fixed
c6a8111aacbfe7a8a70f46cc0de8eed00561693c
Fixed
26cc6d7006f922df6cc4389248032d955750b2a0
Fixed
aa8aa16ed9adf1df05bb339d588cf485a011839e
Fixed
ecabe8cd456d3bf81e92c53b074732f3140f170d
Fixed
6822a14271786150e178869f1495cc03e74c5029
Fixed
78aafb3884f6bc6636efcc1760c891c8500b9922

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-52615.json"