CVE-2023-53986

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-53986
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53986.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-53986
Downstream
Published
2025-12-24T10:55:26.282Z
Modified
2026-04-02T09:45:26.535592Z
Summary
mips: bmips: BCM6358: disable RAC flush for TP1
Details

In the Linux kernel, the following vulnerability has been resolved:

mips: bmips: BCM6358: disable RAC flush for TP1

RAC flush causes kernel panics on BCM6358 with EHCI/OHCI when booting from TP1: [ 3.881739] usb 1-1: new high-speed USB device number 2 using ehci-platform [ 3.905829] $ 0 : 00000000 10008700 00000000 77d94060 [ 3.911238] $ 4 : 7fd1f088 00000000 81431cac 81431ca0 [ 3.916641] $ 8 : 00000000 ffffefff 8075cd34 00000000 [ 3.922043] $12 : 806f8d40 f3e812b7 00000000 000d9aaa [ 3.927446] $16 : 7fd1f068 7fd1f080 7ff559b8 81428470 [ 3.932848] $20 : 00000000 00000000 55590000 77d70000 [ 3.938251] $24 : 00000018 00000010 [ 3.943655] $28 : 81430000 81431e60 81431f28 800157fc [ 3.949058] Hi : 00000000 [ 3.952013] Lo : 00000000 [ 3.955019] epc : 80015808 setupsigcontext+0x54/0x24c [ 3.960464] ra : 800157fc setupsigcontext+0x48/0x24c [ 3.965913] Status: 10008703 KERNEL EXL IE [ 3.970216] Cause : 00800028 (ExcCode 0a) [ 3.974340] PrId : 0002a010 (Broadcom BMIPS4350) [ 3.979170] Modules linked in: ohciplatform ohcihcd fslmphdrof ehciplatform ehcifsl ehcihcd gpiobuttonhotplug usbcore nlsbase usbcommon [ 3.992907] Process init (pid: 1, threadinfo=(ptrval), task=(ptrval), tls=77e22ec8) [ 4.000776] Stack : 81431ef4 7fd1f080 81431f28 81428470 7fd1f068 81431edc 7ff559b8 81428470 [ 4.009467] 81431f28 7fd1f080 55590000 77d70000 77d5498c 80015c70 806f0000 8063ae74 [ 4.018149] 08100002 81431f28 0000000a 08100002 81431f28 0000000a 77d6b418 00000003 [ 4.026831] ffffffff 80016414 80080734 81431ecc 81431ecc 00000001 00000000 04000000 [ 4.035512] 77d54874 00000000 00000000 00000000 00000000 00000012 00000002 00000000 [ 4.044196] ... [ 4.046706] Call Trace: [ 4.049238] [<80015808>] setupsigcontext+0x54/0x24c [ 4.054356] [<80015c70>] setupframe+0xdc/0x124 [ 4.059015] [<80016414>] donotifyresume+0x1dc/0x288 [ 4.064207] [<80011b50>] work_notifysig+0x10/0x18 [ 4.069036] [ 4.070538] Code: 8fc300b4 00001025 26240008 <ac820000> ac830004 3c048063 0c0228aa 24846a00 26240010 [ 4.080686] [ 4.082517] ---[ end trace 22a8edb41f5f983b ]--- [ 4.087374] Kernel panic - not syncing: Fatal exception [ 4.092753] Rebooting in 1 seconds..

Because the bootloader (CFE) is not initializing the Read-ahead cache properly on the second thread (TP1). Since the RAC was not initialized properly, we should avoid flushing it at the risk of corrupting the instruction stream as seen in the trace above.

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53986.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
d59098a0e9cb3c7767090e935c909b37a30629ab
Fixed
d65de5ee8b72868fbbbd39ca73017d0e526fa13a
Fixed
47a449ec09b4479b89dcc6b27ec3829fc82ffafb
Fixed
65b723644294f1d79770704162c0e8d1f700b6f1
Fixed
2cdbcff99f15db86a10672fb220379a1ae46ccae
Fixed
288c96aa5b5526cd4a946e84ef85e165857693b5
Fixed
ab327f8acdf8d06601fbf058859a539a9422afff

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53986.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
4.19.0
Fixed
5.4.240
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.177
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.106
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.23
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.2.10

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53986.json"