CVE-2023-53048
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-53048
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53048.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2023-53048
- Downstream
- Related
- Published
- 2025-05-02T15:55:04Z
- Modified
- 2025-10-21T15:48:15.084527Z
- Summary
- usb: typec: tcpm: fix warning when handle discover_identity message
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
usb: typec: tcpm: fix warning when handle discover_identity message
Since both source and sink device can send discover_identity message in PD3, kernel may dump below warning:
------------[ cut here ]------------ WARNING: CPU: 0 PID: 169 at drivers/usb/typec/tcpm/tcpm.c:1446 tcpmqueuevdm+0xe0/0xf0 Modules linked in: CPU: 0 PID: 169 Comm: 1-0050 Not tainted 6.1.1-00038-g6a3c36cf1da2-dirty #567 Hardware name: NXP i.MX8MPlus EVK board (DT) pstate: 20000005 (nzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--) pc : tcpmqueuevdm+0xe0/0xf0 lr : tcpmqueuevdm+0x2c/0xf0 sp : ffff80000c19bcd0 x29: ffff80000c19bcd0 x28: 0000000000000001 x27: ffff0000d11c8ab8 x26: ffff0000d11cc000 x25: 0000000000000000 x24: 00000000ff008081 x23: 0000000000000001 x22: 00000000ff00a081 x21: ffff80000c19bdbc x20: 0000000000000000 x19: ffff0000d11c8080 x18: ffffffffffffffff x17: 0000000000000000 x16: 0000000000000000 x15: ffff0000d716f580 x14: 0000000000000001 x13: ffff0000d716f507 x12: 0000000000000001 x11: 0000000000000000 x10: 0000000000000020 x9 : 00000000000ee098 x8 : 00000000ffffffff x7 : 000000000000001c x6 : ffff0000d716f580 x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000 x2 : ffff80000c19bdbc x1 : 00000000ff00a081 x0 : 0000000000000004 Call trace: tcpmqueuevdm+0xe0/0xf0 tcpmpdrxhandler+0x340/0x1ab0 kthreadworkerfn+0xcc/0x18c kthread+0x10c/0x110 retfrom_fork+0x10/0x20 ---[ end trace 0000000000000000 ]---
Below sequences may trigger this warning:
tcpmsenddiscoverwork(work) tcpmsendvdm(port, USBSIDPD, CMDDISCOVERIDENT, NULL, 0); tcpmqueuevdm(port, header, data, count); port->vdmstate = VDMSTATEREADY;
vdmstatemachinework(work); <-- received discoveridentity from partner vdmrunstatemachine(port); port->vdmstate = VDMSTATESENDMESSAGE; modvdmdelayedwork(port, x);
tcpmpdrxhandler(work); tcpmpddatarequest(port, msg); tcpmhandlevdmrequest(port, msg->payload, cnt); tcpmqueuevdm(port, response[0], &response[1], rlen - 1); --> WARNON(port->vdmstate > VDMSTATE_DONE);
For this case, the state machine could still send out discover identity message later if we skip current discoveridentity message. So we should handle the received message firstly and override the pending discoveridentity message without warning in this case. Then, a delayed senddiscover work will send discoveridentity message again.
- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/abfc4fa28f0160df61c7149567da4f6494dfb488
- https://git.kernel.org/stable/c/bb579b3f75c60bf488a7c36e092e8be583407d53
- https://git.kernel.org/stable/c/d55ca2d2ea1a7ec553213986993fba8c0257381c
- https://git.kernel.org/stable/c/e37d2c489d71e94ed4a39529bc9520a7fd983d42
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducede00943e916782ae17ca05d654779a84f09481ab8Fixedbb579b3f75c60bf488a7c36e092e8be583407d53
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducede00943e916782ae17ca05d654779a84f09481ab8Fixedd55ca2d2ea1a7ec553213986993fba8c0257381c
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducede00943e916782ae17ca05d654779a84f09481ab8Fixede37d2c489d71e94ed4a39529bc9520a7fd983d42
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introducede00943e916782ae17ca05d654779a84f09481ab8Fixedabfc4fa28f0160df61c7149567da4f6494dfb488
Affected versions
v5.*
v5.12
v5.12-rc4
v5.12-rc5
v5.12-rc6
v5.12-rc7
v5.12-rc8
v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.15.1
v5.15.10
v5.15.100
v5.15.101
v5.15.102
v5.15.103
v5.15.104
v5.15.11
v5.15.12
v5.15.13
v5.15.14
v5.15.15
v5.15.16
v5.15.17
v5.15.18
v5.15.19
v5.15.2
v5.15.20
v5.15.21
v5.15.22
v5.15.23
v5.15.24
v5.15.25
v5.15.26
v5.15.27
v5.15.28
v5.15.29
v5.15.3
v5.15.30
v5.15.31
v5.15.32
v5.15.33
v5.15.34
v5.15.35
v5.15.36
v5.15.37
v5.15.38
v5.15.39
v5.15.4
v5.15.40
v5.15.41
v5.15.42
v5.15.43
v5.15.44
v5.15.45
v5.15.46
v5.15.47
v5.15.48
v5.15.49
v5.15.5
v5.15.50
v5.15.51
v5.15.52
v5.15.53
v5.15.54
v5.15.55
v5.15.56
v5.15.57
v5.15.58
v5.15.59
v5.15.6
v5.15.60
v5.15.61
v5.15.62
v5.15.63
v5.15.64
v5.15.65
v5.15.66
v5.15.67
v5.15.68
v5.15.69
v5.15.7
v5.15.70
v5.15.71
v5.15.72
v5.15.73
v5.15.74
v5.15.75
v5.15.76
v5.15.77
v5.15.78
v5.15.79
v5.15.8
v5.15.80
v5.15.81
v5.15.82
v5.15.83
v5.15.84
v5.15.85
v5.15.86
v5.15.87
v5.15.88
v5.15.89
v5.15.9
v5.15.90
v5.15.91
v5.15.92
v5.15.93
v5.15.94
v5.15.95
v5.15.96
v5.15.97
v5.15.98
v5.15.99
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v6.*
v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.1.1
v6.1.10
v6.1.11
v6.1.12
v6.1.13
v6.1.14
v6.1.15
v6.1.16
v6.1.17
v6.1.18
v6.1.19
v6.1.2
v6.1.20
v6.1.21
v6.1.3
v6.1.4
v6.1.5
v6.1.6
v6.1.7
v6.1.8
v6.1.9
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.2.1
v6.2.2
v6.2.3
v6.2.4
v6.2.5
v6.2.6
v6.2.7
v6.2.8
v6.3-rc1
Database specific
vanir_signatures
[
{
"id": "CVE-2023-53048-0ee32ea9",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@abfc4fa28f0160df61c7149567da4f6494dfb488",
"signature_version": "v1",
"digest": {
"length": 2703.0,
"function_hash": "25431558189487474402441283191188146884"
},
"target": {
"function": "vdm_run_state_machine",
"file": "drivers/usb/typec/tcpm/tcpm.c"
},
"signature_type": "Function",
"deprecated": false
},
{
"id": "CVE-2023-53048-1447afad",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bb579b3f75c60bf488a7c36e092e8be583407d53",
"signature_version": "v1",
"digest": {
"line_hashes": [
"168752206943951449510918969881429329144",
"299318351744944663947781555508254924353",
"28906302392895710153357382097961153414",
"153142702175602025328840918727767468390",
"13064602375301338296648498444044840662",
"159537338445147932382366279445557743256",
"3864623845357290213038074975703883754",
"74744192719379953007565058387849082220",
"115076581395217800443520624748405761074",
"236230658149379685601695237812209136486",
"78085313993896417473922487962860908109",
"147645162379537563809937283031480484778",
"216886212894351856651249983491217101672",
"103867731445805354442050375323944764806",
"182863069496401142428546202244855289683",
"127770353279374863863768437179464752583",
"324698567650494284462711627930532412469",
"238395579348281021218927588983871670759"
],
"threshold": 0.9
},
"target": {
"file": "drivers/usb/typec/tcpm/tcpm.c"
},
"signature_type": "Line",
"deprecated": false
},
{
"id": "CVE-2023-53048-34d143b0",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e37d2c489d71e94ed4a39529bc9520a7fd983d42",
"signature_version": "v1",
"digest": {
"line_hashes": [
"168752206943951449510918969881429329144",
"299318351744944663947781555508254924353",
"28906302392895710153357382097961153414",
"153142702175602025328840918727767468390",
"13064602375301338296648498444044840662",
"159537338445147932382366279445557743256",
"3864623845357290213038074975703883754",
"74744192719379953007565058387849082220",
"115076581395217800443520624748405761074",
"236230658149379685601695237812209136486",
"78085313993896417473922487962860908109",
"147645162379537563809937283031480484778",
"216886212894351856651249983491217101672",
"103867731445805354442050375323944764806",
"182863069496401142428546202244855289683",
"127770353279374863863768437179464752583",
"324698567650494284462711627930532412469",
"238395579348281021218927588983871670759"
],
"threshold": 0.9
},
"target": {
"file": "drivers/usb/typec/tcpm/tcpm.c"
},
"signature_type": "Line",
"deprecated": false
},
{
"id": "CVE-2023-53048-617cafea",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e37d2c489d71e94ed4a39529bc9520a7fd983d42",
"signature_version": "v1",
"digest": {
"length": 461.0,
"function_hash": "276735379133603152731114226533188948483"
},
"target": {
"function": "tcpm_queue_vdm",
"file": "drivers/usb/typec/tcpm/tcpm.c"
},
"signature_type": "Function",
"deprecated": false
},
{
"id": "CVE-2023-53048-75ec077f",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bb579b3f75c60bf488a7c36e092e8be583407d53",
"signature_version": "v1",
"digest": {
"length": 2703.0,
"function_hash": "25431558189487474402441283191188146884"
},
"target": {
"function": "vdm_run_state_machine",
"file": "drivers/usb/typec/tcpm/tcpm.c"
},
"signature_type": "Function",
"deprecated": false
},
{
"id": "CVE-2023-53048-aacee953",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d55ca2d2ea1a7ec553213986993fba8c0257381c",
"signature_version": "v1",
"digest": {
"length": 2703.0,
"function_hash": "25431558189487474402441283191188146884"
},
"target": {
"function": "vdm_run_state_machine",
"file": "drivers/usb/typec/tcpm/tcpm.c"
},
"signature_type": "Function",
"deprecated": false
},
{
"id": "CVE-2023-53048-ac5a0dc9",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bb579b3f75c60bf488a7c36e092e8be583407d53",
"signature_version": "v1",
"digest": {
"length": 461.0,
"function_hash": "276735379133603152731114226533188948483"
},
"target": {
"function": "tcpm_queue_vdm",
"file": "drivers/usb/typec/tcpm/tcpm.c"
},
"signature_type": "Function",
"deprecated": false
},
{
"id": "CVE-2023-53048-b089d400",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d55ca2d2ea1a7ec553213986993fba8c0257381c",
"signature_version": "v1",
"digest": {
"line_hashes": [
"168752206943951449510918969881429329144",
"299318351744944663947781555508254924353",
"28906302392895710153357382097961153414",
"153142702175602025328840918727767468390",
"13064602375301338296648498444044840662",
"159537338445147932382366279445557743256",
"3864623845357290213038074975703883754",
"74744192719379953007565058387849082220",
"115076581395217800443520624748405761074",
"236230658149379685601695237812209136486",
"78085313993896417473922487962860908109",
"147645162379537563809937283031480484778",
"216886212894351856651249983491217101672",
"103867731445805354442050375323944764806",
"182863069496401142428546202244855289683",
"127770353279374863863768437179464752583",
"324698567650494284462711627930532412469",
"238395579348281021218927588983871670759"
],
"threshold": 0.9
},
"target": {
"file": "drivers/usb/typec/tcpm/tcpm.c"
},
"signature_type": "Line",
"deprecated": false
},
{
"id": "CVE-2023-53048-b5fff35e",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@abfc4fa28f0160df61c7149567da4f6494dfb488",
"signature_version": "v1",
"digest": {
"length": 461.0,
"function_hash": "276735379133603152731114226533188948483"
},
"target": {
"function": "tcpm_queue_vdm",
"file": "drivers/usb/typec/tcpm/tcpm.c"
},
"signature_type": "Function",
"deprecated": false
},
{
"id": "CVE-2023-53048-c9e8b266",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d55ca2d2ea1a7ec553213986993fba8c0257381c",
"signature_version": "v1",
"digest": {
"length": 461.0,
"function_hash": "276735379133603152731114226533188948483"
},
"target": {
"function": "tcpm_queue_vdm",
"file": "drivers/usb/typec/tcpm/tcpm.c"
},
"signature_type": "Function",
"deprecated": false
},
{
"id": "CVE-2023-53048-d6145cc5",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@e37d2c489d71e94ed4a39529bc9520a7fd983d42",
"signature_version": "v1",
"digest": {
"length": 2703.0,
"function_hash": "25431558189487474402441283191188146884"
},
"target": {
"function": "vdm_run_state_machine",
"file": "drivers/usb/typec/tcpm/tcpm.c"
},
"signature_type": "Function",
"deprecated": false
},
{
"id": "CVE-2023-53048-e60ac440",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@abfc4fa28f0160df61c7149567da4f6494dfb488",
"signature_version": "v1",
"digest": {
"line_hashes": [
"168752206943951449510918969881429329144",
"299318351744944663947781555508254924353",
"28906302392895710153357382097961153414",
"153142702175602025328840918727767468390",
"13064602375301338296648498444044840662",
"159537338445147932382366279445557743256",
"3864623845357290213038074975703883754",
"74744192719379953007565058387849082220",
"115076581395217800443520624748405761074",
"236230658149379685601695237812209136486",
"78085313993896417473922487962860908109",
"147645162379537563809937283031480484778",
"216886212894351856651249983491217101672",
"103867731445805354442050375323944764806",
"182863069496401142428546202244855289683",
"127770353279374863863768437179464752583",
"324698567650494284462711627930532412469",
"238395579348281021218927588983871670759"
],
"threshold": 0.9
},
"target": {
"file": "drivers/usb/typec/tcpm/tcpm.c"
},
"signature_type": "Line",
"deprecated": false
}
]