Unrated severityNVD Advisory· Published May 2, 2025· Updated May 4, 2025
usb: dwc2: fix a devres leak in hw_enable upon suspend resume
CVE-2023-53054
Description
In the Linux kernel, the following vulnerability has been resolved:
usb: dwc2: fix a devres leak in hw_enable upon suspend resume
Each time the platform goes to low power, PM suspend / resume routines call: __dwc2_lowlevel_hw_enable -> devm_add_action_or_reset(). This adds a new devres each time. This may also happen at runtime, as dwc2_lowlevel_hw_enable() can be called from udc_start().
This can be seen with tracing: - echo 1 > /sys/kernel/debug/tracing/events/dev/devres_log/enable - go to low power - cat /sys/kernel/debug/tracing/trace
A new "ADD" entry is found upon each low power cycle: ... devres_log: 49000000.usb-otg ADD 82a13bba devm_action_release (8 bytes) ... devres_log: 49000000.usb-otg ADD 49889daf devm_action_release (8 bytes) ...
A second issue is addressed here: - regulator_bulk_enable() is called upon each PM cycle (suspend/resume). - regulator_bulk_disable() never gets called.
So the reference count for these regulators constantly increase, by one upon each low power cycle, due to missing regulator_bulk_disable() call in __dwc2_lowlevel_hw_disable().
The original fix that introduced the devm_add_action_or_reset() call, fixed an issue during probe, that happens due to other errors in dwc2_driver_probe() -> dwc2_core_reset(). Then the probe fails without disabling regulators, when dr_mode == USB_DR_MODE_PERIPHERAL.
Rather fix the error path: disable all the low level hardware in the error path, by using the "hsotg->ll_hw_enabled" flag. Checking dr_mode has been introduced to avoid a dual call to dwc2_lowlevel_hw_disable(). "ll_hw_enabled" should achieve the same (and is used currently in the remove() routine).
Affected products
85- osv-coords83 versionspkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/kernel-64kb&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/kernel-default-base&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/kernel-default-base&distro=SUSE%20Manager%20Proxy%204.3pkg:rpm/suse/kernel-default-base&distro=SUSE%20Manager%20Server%204.3pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP4pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/kernel-default&distro=SUSE%20Manager%20Proxy%204.3pkg:rpm/suse/kernel-default&distro=SUSE%20Manager%20Server%204.3pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/kernel-docs&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/kernel-livepatch-SLE15-SP4_Update_41&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP4pkg:rpm/suse/kernel-livepatch-SLE15-SP5_Update_27&distro=SUSE%20Linux%20Enterprise%20Live%20Patching%2015%20SP5pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/kernel-obs-build&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/kernel-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/kernel-source&distro=SUSE%20Manager%20Proxy%204.3pkg:rpm/suse/kernel-source&distro=SUSE%20Manager%20Server%204.3pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.3pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.4pkg:rpm/suse/kernel-source-rt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-ESPOSpkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP4-LTSSpkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP4pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/kernel-syms&distro=SUSE%20Manager%20Proxy%204.3pkg:rpm/suse/kernel-syms&distro=SUSE%20Manager%20Server%204.3pkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP4-LTSSpkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/kernel-zfcpdump&distro=SUSE%20Manager%20Server%204.3
< 5.14.21-150400.24.167.1+ 82 more
- (no CPE)range: < 5.14.21-150400.24.167.1
- (no CPE)range: < 5.14.21-150400.24.167.1
- (no CPE)range: < 5.14.21-150500.55.110.1
- (no CPE)range: < 5.14.21-150500.55.110.1
- (no CPE)range: < 5.14.21-150400.24.167.1
- (no CPE)range: < 5.14.21-150500.55.110.1
- (no CPE)range: < 5.14.21-150400.24.167.1.150400.24.84.1
- (no CPE)range: < 5.14.21-150400.24.167.1.150400.24.84.1
- (no CPE)range: < 5.14.21-150500.55.110.1.150500.6.51.3
- (no CPE)range: < 5.14.21-150500.55.110.1.150500.6.51.3
- (no CPE)range: < 5.14.21-150400.24.167.1.150400.24.84.1
- (no CPE)range: < 5.14.21-150400.24.167.1.150400.24.84.1
- (no CPE)range: < 5.14.21-150500.55.110.1.150500.6.51.3
- (no CPE)range: < 5.14.21-150400.24.167.1.150400.24.84.1
- (no CPE)range: < 5.14.21-150500.55.110.1.150500.6.51.3
- (no CPE)range: < 5.14.21-150400.24.167.1.150400.24.84.1
- (no CPE)range: < 5.14.21-150500.55.110.1.150500.6.51.3
- (no CPE)range: < 5.14.21-150400.24.167.1.150400.24.84.1
- (no CPE)range: < 5.14.21-150400.24.167.1.150400.24.84.1
- (no CPE)range: < 5.14.21-150400.24.167.1
- (no CPE)range: < 5.14.21-150400.24.167.1
- (no CPE)range: < 5.14.21-150400.24.167.1
- (no CPE)range: < 5.14.21-150500.55.110.1
- (no CPE)range: < 5.14.21-150500.55.110.1
- (no CPE)range: < 5.14.21-150400.24.167.1
- (no CPE)range: < 5.14.21-150500.55.110.1
- (no CPE)range: < 5.14.21-150400.24.167.1
- (no CPE)range: < 5.14.21-150400.24.167.1
- (no CPE)range: < 5.14.21-150500.55.110.1
- (no CPE)range: < 5.14.21-150400.24.167.1
- (no CPE)range: < 5.14.21-150500.55.110.1
- (no CPE)range: < 5.14.21-150400.24.167.1
- (no CPE)range: < 5.14.21-150500.55.110.1
- (no CPE)range: < 5.14.21-150400.24.167.1
- (no CPE)range: < 5.14.21-150400.24.167.1
- (no CPE)range: < 5.14.21-150400.24.167.1
- (no CPE)range: < 5.14.21-150400.24.167.1
- (no CPE)range: < 5.14.21-150500.55.110.1
- (no CPE)range: < 5.14.21-150500.55.110.1
- (no CPE)range: < 5.14.21-150400.24.167.1
- (no CPE)range: < 5.14.21-150500.55.110.1
- (no CPE)range: < 5.14.21-150400.24.167.1
- (no CPE)range: < 5.14.21-150500.55.110.1
- (no CPE)range: < 1-150400.9.3.1
- (no CPE)range: < 1-150500.11.7.1
- (no CPE)range: < 5.14.21-150400.24.167.1
- (no CPE)range: < 5.14.21-150400.24.167.1
- (no CPE)range: < 5.14.21-150500.55.110.1
- (no CPE)range: < 5.14.21-150500.55.110.1
- (no CPE)range: < 5.14.21-150400.24.167.1
- (no CPE)range: < 5.14.21-150500.55.110.1
- (no CPE)range: < 5.14.21-150400.24.167.1
- (no CPE)range: < 5.14.21-150500.55.110.1
- (no CPE)range: < 5.14.21-150400.15.121.1
- (no CPE)range: < 5.14.21-150400.15.121.1
- (no CPE)range: < 5.14.21-150500.13.97.1
- (no CPE)range: < 5.14.21-150400.24.167.1
- (no CPE)range: < 5.14.21-150400.24.167.1
- (no CPE)range: < 5.14.21-150500.55.110.1
- (no CPE)range: < 5.14.21-150500.55.110.1
- (no CPE)range: < 5.14.21-150500.55.110.1
- (no CPE)range: < 5.14.21-150400.24.167.1
- (no CPE)range: < 5.14.21-150500.55.110.1
- (no CPE)range: < 5.14.21-150400.24.167.1
- (no CPE)range: < 5.14.21-150500.55.110.1
- (no CPE)range: < 5.14.21-150400.24.167.1
- (no CPE)range: < 5.14.21-150400.24.167.1
- (no CPE)range: < 5.14.21-150400.15.121.1
- (no CPE)range: < 5.14.21-150400.15.121.1
- (no CPE)range: < 5.14.21-150500.13.97.1
- (no CPE)range: < 5.14.21-150400.24.167.1
- (no CPE)range: < 5.14.21-150400.24.167.1
- (no CPE)range: < 5.14.21-150500.55.110.1
- (no CPE)range: < 5.14.21-150500.55.110.1
- (no CPE)range: < 5.14.21-150400.24.167.1
- (no CPE)range: < 5.14.21-150500.55.110.1
- (no CPE)range: < 5.14.21-150400.24.167.1
- (no CPE)range: < 5.14.21-150500.55.110.1
- (no CPE)range: < 5.14.21-150400.24.167.1
- (no CPE)range: < 5.14.21-150400.24.167.1
- (no CPE)range: < 5.14.21-150400.24.167.1
- (no CPE)range: < 5.14.21-150500.55.110.1
- (no CPE)range: < 5.14.21-150400.24.167.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- git.kernel.org/stable/c/1f01027c51eb16145e8e07fafea3ca07ef102d06mitre
- git.kernel.org/stable/c/6485fc381b6528b6f547ee1ff10bdbcbe31a6e4cmitre
- git.kernel.org/stable/c/cba76e1fb896b573f09f51aa299223276a77bc90mitre
- git.kernel.org/stable/c/f747313249b74f323ddf841a9c8db14d989f296amitre
- git.kernel.org/stable/c/ffb8ab6f87bd28d700ab5c20d9d3a7e75067630dmitre
News mentions
0No linked articles in our index yet.