CVE-2024-53223

{"id": "CVE-2024-53223", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2024-12-27T14:15:30.453", "references": [{"url": "https://git.kernel.org/stable/c/d34db686a3d74bd564bfce2ada15011c556269fc", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/e29306c0e1ae4b434db32c90705844c77f701be5", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/fbb13732c6ffa9d58cedafabcd5ce8fd7ef8ae5a", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}, {"url": "https://git.kernel.org/stable/c/fe09d609f2304c7775789090e3f006d786852148", "tags": ["Patch"], "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nclk: ralink: mtmips: fix clocks probe order in oldest ralink SoCs\n\nBase clocks are the first in being probed and are real dependencies of the\nrest of fixed, factor and peripheral clocks. For old ralink SoCs RT2880,\nRT305x and RT3883 'xtal' must be defined first since in any other case,\nwhen fixed clocks are probed they are delayed until 'xtal' is probed so the\nfollowing warning appears:\n\n WARNING: CPU: 0 PID: 0 at drivers/clk/ralink/clk-mtmips.c:499 rt3883_bus_recalc_rate+0x98/0x138\n Modules linked in:\n CPU: 0 PID: 0 Comm: swapper Not tainted 6.6.43 #0\n Stack : 805e58d0 00000000 00000004 8004f950 00000000 00000004 00000000 00000000\n 80669c54 80830000 80700000 805ae570 80670068 00000001 80669bf8 00000000\n 00000000 00000000 805ae570 80669b38 00000020 804db7dc 00000000 00000000\n 203a6d6d 80669b78 80669e48 70617773 00000000 805ae570 00000000 00000009\n 00000000 00000001 00000004 00000001 00000000 00000000 83fe43b0 00000000\n ...\n Call Trace:\n [<800065d0>] show_stack+0x64/0xf4\n [<804bca14>] dump_stack_lvl+0x38/0x60\n [<800218ac>] __warn+0x94/0xe4\n [<8002195c>] warn_slowpath_fmt+0x60/0x94\n [<80259ff8>] rt3883_bus_recalc_rate+0x98/0x138\n [<80254530>] __clk_register+0x568/0x688\n [<80254838>] of_clk_hw_register+0x18/0x2c\n [<8070b910>] rt2880_clk_of_clk_init_driver+0x18c/0x594\n [<8070b628>] of_clk_init+0x1c0/0x23c\n [<806fc448>] plat_time_init+0x58/0x18c\n [<806fdaf0>] time_init+0x10/0x6c\n [<806f9bc4>] start_kernel+0x458/0x67c\n\n ---[ end trace 0000000000000000 ]---\n\nWhen this driver was mainlined we could not find any active users of old\nralink SoCs so we cannot perform any real tests for them. Now, one user\nof a Belkin f9k1109 version 1 device which uses RT3883 SoC appeared and\nreported some issues in openWRT:\n- https://github.com/openwrt/openwrt/issues/16054\n\nThus, define a 'rt2880_xtal_recalc_rate()' just returning the expected\nfrequency 40Mhz and use it along the old ralink SoCs to have a correct\nboot trace with no warnings and a working clock plan from the beggining."}, {"lang": "es", "value": "En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: clk: ralink: mtmips: corrige el orden de sondeo de los relojes en los SoC ralink m\u00e1s antiguos Los relojes base son los primeros en ser sondeados y son dependencias reales del resto de relojes fijos, de factor y perif\u00e9ricos. Para los antiguos SoCs ralink RT2880, RT305x y RT3883, se debe definir primero 'xtal' ya que en cualquier otro caso, cuando se prueban relojes fijos, se retrasan hasta que se prueba 'xtal', por lo que aparece la siguiente advertencia: ADVERTENCIA: CPU: 0 PID: 0 en drivers/clk/ralink/clk-mtmips.c:499 rt3883_bus_recalc_rate+0x98/0x138 M\u00f3dulos vinculados en: CPU: 0 PID: 0 Comm: swapper No contaminado 6.6.43 #0 Pila: 805e58d0 00000000 00000004 8004f950 00000000 00000004 00000000 00000000 80669c54 80830000 80700000 805ae570 80670068 00000001 80669bf8 00000000 00000000 00000000 805ae570 80669b38 00000020 804db7dc 00000000 00000000 203a6d6d 80669b78 80669e48 70617773 00000000 805ae570 00000000 00000009 00000000 00000001 00000004 00000001 00000000 00000000 83fe43b0 00000000 ... Seguimiento de llamadas: [&lt;800065d0&gt;] show_stack+0x64/0xf4 [&lt;804bca14&gt;] dump_stack_lvl+0x38/0x60 [&lt;800218ac&gt;] __warn+0x94/0xe4 [&lt;8002195c&gt;] warn_slowpath_fmt+0x60/0x94 [&lt;80259ff8&gt;] rt3883_bus_recalc_rate+0x98/0x138 [&lt;80254530&gt;] __clk_register+0x568/0x688 [&lt;80254838&gt;] of_clk_hw_register+0x18/0x2c [&lt;8070b910&gt;] rt2880_clk_of_clk_init_driver+0x18c/0x594 [&lt;8070b628&gt;] of_clk_init+0x1c0/0x23c [&lt;806fc448&gt;] plat_time_init+0x58/0x18c [&lt;806fdaf0&gt;] time_init+0x10/0x6c [&lt;806f9bc4&gt;] start_kernel+0x458/0x67c ---[ fin de seguimiento 0000000000000000 ]--- Cuando se incorpor\u00f3 este controlador, no pudimos encontrar ning\u00fan usuario activo de SoC ralink antiguos, por lo que no podemos realizar ninguna prueba real para ellos. Ahora, un usuario de un dispositivo Belkin f9k1109 versi\u00f3n 1 que usa RT3883 SoC apareci\u00f3 y report\u00f3 algunos problemas en openWRT: - https://github.com/openwrt/openwrt/issues/16054 Por lo tanto, defina un 'rt2880_xtal_recalc_rate()' que simplemente devuelva la frecuencia esperada de 40Mhz y \u00faselo junto con los viejos SoC ralink para tener un seguimiento de arranque correcto sin advertencias y un plan de reloj que funcione desde el principio."}], "lastModified": "2025-10-08T13:43:58.747", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "54B7846B-C7F0-4910-8749-C0C31DCDDFD7", "versionEndExcluding": "6.6.64", "versionStartIncluding": "6.5"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "21434379-192D-472F-9B54-D45E3650E893", "versionEndExcluding": "6.11.11", "versionStartIncluding": "6.7"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D8882B1B-2ABC-4838-AC1D-DBDBB5764776", "versionEndExcluding": "6.12.2", "versionStartIncluding": "6.12"}], "operator": "OR"}]}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"}