CVE-2023-53177

Summary

In the Linux kernel, the following vulnerability has been resolved:

media: hi846: fix usage of pm_runtime_get_if_in_use()

pm_runtime_get_if_in_use() does not only return nonzero values when the device is in use, it can return a negative errno too.

And especially during resuming from system suspend, when runtime pm is not yet up again, -EAGAIN is being returned, so the subsequent pm_runtime_put() call results in a refcount underflow.

Fix system-resume by handling -EAGAIN of pm_runtime_get_if_in_use().

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxe8c0882685f9152f0d729664a12bcbe749cb7736 < 42ec6269f98edd915ee37da3c6456bb6243ea56aaffected
LinuxLinuxe8c0882685f9152f0d729664a12bcbe749cb7736 < c5dcd7a19f1ed8fe98384f3a9444c7c53befd74eaffected
LinuxLinuxe8c0882685f9152f0d729664a12bcbe749cb7736 < 04fc06f6dc1592ed5d675311ac50d8fba5db62abaffected
LinuxLinux5.16affected
LinuxLinux0 < 5.16unaffected
LinuxLinux6.1.39 <= 6.1.*unaffected
LinuxLinux6.4.4 <= 6.4.*unaffected
LinuxLinux6.5 <= *unaffected

Weaknesses

References