{"id":"CVE-2023-52498","summary":"PM: sleep: Fix possible deadlocks in core system-wide PM code","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nPM: sleep: Fix possible deadlocks in core system-wide PM code\n\nIt is reported that in low-memory situations the system-wide resume core\ncode deadlocks, because async_schedule_dev() executes its argument\nfunction synchronously if it cannot allocate memory (and not only in\nthat case) and that function attempts to acquire a mutex that is already\nheld.  Executing the argument function synchronously from within\ndpm_async_fn() may also be problematic for ordering reasons (it may\ncause a consumer device's resume callback to be invoked before a\nrequisite supplier device's one, for example).\n\nAddress this by changing the code in question to use\nasync_schedule_dev_nocall() for scheduling the asynchronous\nexecution of device suspend and resume functions and to directly\nrun them synchronously if async_schedule_dev_nocall() returns false.","modified":"2026-03-20T12:32:33.371095Z","published":"2024-02-29T15:52:14.029Z","related":["SUSE-SU-2024:3190-1","SUSE-SU-2024:3209-1","SUSE-SU-2024:3483-1","USN-6818-2","USN-6819-2"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52498.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/7839d0078e0d5e6cc2fa0b0dfbee71de74f1e557"},{"type":"WEB","url":"https://git.kernel.org/stable/c/9bd3dce27b01c51295b60e1433e1dadfb16649f7"},{"type":"WEB","url":"https://git.kernel.org/stable/c/a1d62c775b07213c73f81ae842424c74dd14b5f0"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e1c9d32c98309ae764893a481552d3f99d46cb34"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e681e29d1f59a04ef773296e4bebb17b1b79f8fe"},{"type":"WEB","url":"https://git.kernel.org/stable/c/f46eb832389f162ad13cb780d0b8cde93641990d"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52498.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-52498"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0552e05fdfea191a2cf3a0abd33574b5ef9ca818"},{"fixed":"f46eb832389f162ad13cb780d0b8cde93641990d"},{"fixed":"a1d62c775b07213c73f81ae842424c74dd14b5f0"},{"fixed":"e1c9d32c98309ae764893a481552d3f99d46cb34"},{"fixed":"e681e29d1f59a04ef773296e4bebb17b1b79f8fe"},{"fixed":"9bd3dce27b01c51295b60e1433e1dadfb16649f7"},{"fixed":"7839d0078e0d5e6cc2fa0b0dfbee71de74f1e557"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"5d56260c5e9fdbbba59655f63622f6159bf0e595"},{"last_affected":"76d587bd579a08ddcd51274c6d9fff4e885e184d"},{"last_affected":"7dce99d3182a1495bd14cac8403ee471ecdb7ea4"},{"last_affected":"0390e974020ebbbb64580fc205ecc892d1fdd462"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52498.json"}}],"schema_version":"1.7.5"}