CVE-2020-36787

{"id": "CVE-2020-36787", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2024-02-28T09:15:37.030", "references": [{"url": "https://git.kernel.org/stable/c/1dc1d30ac101bb8335d9852de2107af60c2580e7", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/2964c37563e86cfdc439f217eb3c5a69adfdba6a", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/3536169f8531c2c5b153921dc7d1ac9fd570cda7", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/75321dc8aebe3f30eff226028fe6da340fe0bf02", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/a59d01384c80a8a4392665802df57c3df20055f5", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/1dc1d30ac101bb8335d9852de2107af60c2580e7", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/2964c37563e86cfdc439f217eb3c5a69adfdba6a", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/3536169f8531c2c5b153921dc7d1ac9fd570cda7", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/75321dc8aebe3f30eff226028fe6da340fe0bf02", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://git.kernel.org/stable/c/a59d01384c80a8a4392665802df57c3df20055f5", "tags": ["Patch"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: aspeed: fix clock handling logic\n\nVideo engine uses eclk and vclk for its clock sources and its reset\ncontrol is coupled with eclk so the current clock enabling sequence works\nlike below.\n\n Enable eclk\n De-assert Video Engine reset\n 10ms delay\n Enable vclk\n\nIt introduces improper reset on the Video Engine hardware and eventually\nthe hardware generates unexpected DMA memory transfers that can corrupt\nmemory region in random and sporadic patterns. This issue is observed\nvery rarely on some specific AST2500 SoCs but it causes a critical\nkernel panic with making a various shape of signature so it's extremely\nhard to debug. Moreover, the issue is observed even when the video\nengine is not actively used because udevd turns on the video engine\nhardware for a short time to make a query in every boot.\n\nTo fix this issue, this commit changes the clock handling logic to make\nthe reset de-assertion triggered after enabling both eclk and vclk. Also,\nit adds clk_unprepare call for a case when probe fails.\n\nclk: ast2600: fix reset settings for eclk and vclk\nVideo engine reset setting should be coupled with eclk to match it\nwith the setting for previous Aspeed SoCs which is defined in\nclk-aspeed.c since all Aspeed SoCs are sharing a single video engine\ndriver. Also, reset bit 6 is defined as 'Video Engine' reset in\ndatasheet so it should be de-asserted when eclk is enabled. This\ncommit fixes the setting."}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: medios: aspeed: corrige la l\u00f3gica de manejo del reloj El motor de video usa eclk y vclk para sus fuentes de reloj y su control de reinicio est\u00e1 acoplado con eclk para que la secuencia de habilitaci\u00f3n del reloj actual funcione como se muestra a continuaci\u00f3n. Habilitar eclk De-assert Video Engine restablece un retraso de 10 ms Habilitar vclk Introduce un reinicio incorrecto en el hardware de Video Engine y eventualmente el hardware genera transferencias de memoria DMA inesperadas que pueden da\u00f1ar la regi\u00f3n de la memoria en patrones aleatorios y espor\u00e1dicos. Este problema se observa muy raramente en algunos SoC AST2500 espec\u00edficos, pero provoca un p\u00e1nico cr\u00edtico en el kernel al crear varias formas de firma, por lo que es extremadamente dif\u00edcil de depurar. Adem\u00e1s, el problema se observa incluso cuando el motor de v\u00eddeo no se utiliza activamente porque udevd enciende el hardware del motor de v\u00eddeo durante un breve periodo de tiempo para realizar una consulta en cada arranque. Para solucionar este problema, esta confirmaci\u00f3n cambia la l\u00f3gica de manejo del reloj para activar la anulaci\u00f3n de reinicio despu\u00e9s de habilitar tanto eclk como vclk. Adem\u00e1s, agrega la llamada clk_unprepare para un caso en el que falla la sonda. clk: ast2600: corrige la configuraci\u00f3n de restablecimiento para eclk y vclk La configuraci\u00f3n de restablecimiento del motor de video debe combinarse con eclk para que coincida con la configuraci\u00f3n de los SoC Aspeed anteriores que se define en clk-aspeed.c, ya que todos los SoC Aspeed comparten un \u00fanico controlador de motor de video. Adem\u00e1s, el bit de reinicio 6 se define como reinicio del 'Motor de video' en la hoja de datos, por lo que debe desactivarse cuando eclk est\u00e1 habilitado. Este commit corrige la configuraci\u00f3n."}], "lastModified": "2024-12-11T16:42:29.080", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9CE89AEF-FBDF-4C15-B17B-1A7C321B30AF", "versionEndExcluding": "5.4.119", "versionStartIncluding": "5.0"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7A4CF5D6-ACBA-4980-ABFD-3D7A53B5BB4E", "versionEndExcluding": "5.10.37", "versionStartIncluding": "5.5"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8CBB94EC-EC33-4464-99C5-03E5542715F0", "versionEndExcluding": "5.11.21", "versionStartIncluding": "5.11"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D8C7052F-1B7B-4327-9C2B-84EBF3243838", "versionEndExcluding": "5.12.4", "versionStartIncluding": "5.12"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}