{"id":"CVE-2023-53048","summary":"usb: typec: tcpm: fix warning when handle discover_identity message","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nusb: typec: tcpm: fix warning when handle discover_identity message\n\nSince both source and sink device can send discover_identity message in\nPD3, kernel may dump below warning:\n\n------------[ cut here ]------------\nWARNING: CPU: 0 PID: 169 at drivers/usb/typec/tcpm/tcpm.c:1446 tcpm_queue_vdm+0xe0/0xf0\nModules linked in:\nCPU: 0 PID: 169 Comm: 1-0050 Not tainted 6.1.1-00038-g6a3c36cf1da2-dirty #567\nHardware name: NXP i.MX8MPlus EVK board (DT)\npstate: 20000005 (nzCv daif -PAN -UAO -TCO -DIT -SSBS BTYPE=--)\npc : tcpm_queue_vdm+0xe0/0xf0\nlr : tcpm_queue_vdm+0x2c/0xf0\nsp : ffff80000c19bcd0\nx29: ffff80000c19bcd0 x28: 0000000000000001 x27: ffff0000d11c8ab8\nx26: ffff0000d11cc000 x25: 0000000000000000 x24: 00000000ff008081\nx23: 0000000000000001 x22: 00000000ff00a081 x21: ffff80000c19bdbc\nx20: 0000000000000000 x19: ffff0000d11c8080 x18: ffffffffffffffff\nx17: 0000000000000000 x16: 0000000000000000 x15: ffff0000d716f580\nx14: 0000000000000001 x13: ffff0000d716f507 x12: 0000000000000001\nx11: 0000000000000000 x10: 0000000000000020 x9 : 00000000000ee098\nx8 : 00000000ffffffff x7 : 000000000000001c x6 : ffff0000d716f580\nx5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000\nx2 : ffff80000c19bdbc x1 : 00000000ff00a081 x0 : 0000000000000004\nCall trace:\ntcpm_queue_vdm+0xe0/0xf0\ntcpm_pd_rx_handler+0x340/0x1ab0\nkthread_worker_fn+0xcc/0x18c\nkthread+0x10c/0x110\nret_from_fork+0x10/0x20\n---[ end trace 0000000000000000 ]---\n\nBelow sequences may trigger this warning:\n\ntcpm_send_discover_work(work)\n  tcpm_send_vdm(port, USB_SID_PD, CMD_DISCOVER_IDENT, NULL, 0);\n   tcpm_queue_vdm(port, header, data, count);\n    port-\u003evdm_state = VDM_STATE_READY;\n\nvdm_state_machine_work(work);\n\t\t\t\u003c-- received discover_identity from partner\n vdm_run_state_machine(port);\n  port-\u003evdm_state = VDM_STATE_SEND_MESSAGE;\n   mod_vdm_delayed_work(port, x);\n\ntcpm_pd_rx_handler(work);\n tcpm_pd_data_request(port, msg);\n  tcpm_handle_vdm_request(port, msg-\u003epayload, cnt);\n   tcpm_queue_vdm(port, response[0], &response[1], rlen - 1);\n--\u003e WARN_ON(port-\u003evdm_state \u003e VDM_STATE_DONE);\n\nFor this case, the state machine could still send out discover\nidentity message later if we skip current discover_identity message.\nSo we should handle the received message firstly and override the pending\ndiscover_identity message without warning in this case. Then, a delayed\nsend_discover work will send discover_identity message again.","modified":"2026-04-11T12:46:40.304350Z","published":"2025-05-02T15:55:04.815Z","related":["SUSE-SU-2025:02264-1","SUSE-SU-2025:02321-1","SUSE-SU-2025:02322-1","SUSE-SU-2025:02537-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53048.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/abfc4fa28f0160df61c7149567da4f6494dfb488"},{"type":"WEB","url":"https://git.kernel.org/stable/c/bb579b3f75c60bf488a7c36e092e8be583407d53"},{"type":"WEB","url":"https://git.kernel.org/stable/c/d55ca2d2ea1a7ec553213986993fba8c0257381c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e37d2c489d71e94ed4a39529bc9520a7fd983d42"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53048.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53048"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"e00943e916782ae17ca05d654779a84f09481ab8"},{"fixed":"bb579b3f75c60bf488a7c36e092e8be583407d53"},{"fixed":"d55ca2d2ea1a7ec553213986993fba8c0257381c"},{"fixed":"e37d2c489d71e94ed4a39529bc9520a7fd983d42"},{"fixed":"abfc4fa28f0160df61c7149567da4f6494dfb488"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53048.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"5.13.0"},{"fixed":"5.15.105"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.22"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.2.9"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53048.json"}}],"schema_version":"1.7.5"}