VYPR
← All advisories
Unrated severityNVD Advisory· Published Dec 9, 2025· Updated Apr 15, 2026

CVE-2023-53866

CVE-2023-53866

Description

In the Linux kernel, the following vulnerability has been resolved:

ASoC: soc-compress: Reposition and add pcm_mutex

If panic_on_warn is set and compress stream(DPCM) is started, then kernel panic occurred because card->pcm_mutex isn't held appropriately. In the following functions, warning were issued at this line "snd_soc_dpcm_mutex_assert_held".

static int dpcm_be_connect(struct snd_soc_pcm_runtime *fe, struct snd_soc_pcm_runtime *be, int stream) { ... snd_soc_dpcm_mutex_assert_held(fe); ... }

void dpcm_be_disconnect(struct snd_soc_pcm_runtime *fe, int stream) { ... snd_soc_dpcm_mutex_assert_held(fe); ... }

void snd_soc_runtime_action(struct snd_soc_pcm_runtime *rtd, int stream, int action) { ... snd_soc_dpcm_mutex_assert_held(rtd); ... }

int dpcm_dapm_stream_event(struct snd_soc_pcm_runtime *fe, int dir, int event) { ... snd_soc_dpcm_mutex_assert_held(fe); ... }

These functions are called by soc_compr_set_params_fe, soc_compr_open_fe and soc_compr_free_fe without pcm_mutex locking. And this is call stack.

[ 414.527841][ T2179] pc : dpcm_process_paths+0x5a4/0x750 [ 414.527848][ T2179] lr : dpcm_process_paths+0x37c/0x750 [ 414.527945][ T2179] Call trace: [ 414.527949][ T2179] dpcm_process_paths+0x5a4/0x750 [ 414.527955][ T2179] soc_compr_open_fe+0xb0/0x2cc [ 414.527972][ T2179] snd_compr_open+0x180/0x248 [ 414.527981][ T2179] snd_open+0x15c/0x194 [ 414.528003][ T2179] chrdev_open+0x1b0/0x220 [ 414.528023][ T2179] do_dentry_open+0x30c/0x594 [ 414.528045][ T2179] vfs_open+0x34/0x44 [ 414.528053][ T2179] path_openat+0x914/0xb08 [ 414.528062][ T2179] do_filp_open+0xc0/0x170 [ 414.528068][ T2179] do_sys_openat2+0x94/0x18c [ 414.528076][ T2179] __arm64_sys_openat+0x78/0xa4 [ 414.528084][ T2179] invoke_syscall+0x48/0x10c [ 414.528094][ T2179] el0_svc_common+0xbc/0x104 [ 414.528099][ T2179] do_el0_svc+0x34/0xd8 [ 414.528103][ T2179] el0_svc+0x34/0xc4 [ 414.528125][ T2179] el0t_64_sync_handler+0x8c/0xfc [ 414.528133][ T2179] el0t_64_sync+0x1a0/0x1a4 [ 414.528142][ T2179] Kernel panic - not syncing: panic_on_warn set ...

So, I reposition and add pcm_mutex to resolve lockdep error.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Missing pcm_mutex locking in Linux kernel's ASoC compress offload (DPCM) functions can trigger a kernel panic when panic_on_warn is set.

In the Linux kernel's ASoC subsystem, the soc-compress code for DPCM (Dynamic PCM) compress streams failed to hold the card->pcm_mutex before calling functions that assert the mutex is held. The functions dpcm_be_connect, dpcm_be_disconnect, snd_soc_runtime_action, and dpcm_dapm_stream_event all contain snd_soc_dpcm_mutex_assert_held checks, but they were invoked by soc_compr_set_params_fe, soc_compr_open_fe, and soc_compr_free_fe without acquiring the mutex first. This missing lock leads to a warning and, if panic_on_warn is enabled, a kernel panic.

An attacker with local access can trigger the bug by opening a compress stream via snd_compr_open, which calls soc_compr_open_fe. The call chain proceeds to dpcm_process_paths without holding pcm_mutex, hitting the assertion and causing a warning. The stack trace from the description shows the panic occurring in dpcm_process_paths during a compress stream open operation. No special privileges beyond the ability to open a compress audio device are required.

The impact is a denial of service: if the system has panic_on_warn set (common in debugging or hardened configurations), the kernel panics immediately upon the warning. Even without panic_on_warn, the missing lock could allow race conditions that corrupt internal state, potentially leading to unpredictable behavior or crashes.

Patches have been applied to the Linux kernel stable branches to reposition and add the pcm_mutex locking in the compress stream functions [1][2][3]. Users should update to a kernel version containing these fixes. The vulnerability is fixed in commits referenced by the stable kernel tree.

References
  1. Making sure you're not a bot!
  2. Making sure you're not a bot!
  3. Making sure you're not a bot!

AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

2
  • Linux/Kernelinferred2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)

Patches

3
9a9942cbdb7c
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
37a3eb6054d1
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit
aa9ff6a4955f
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.gitvia osv
commit

Vulnerability mechanics

Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

3

News mentions

0

No linked articles in our index yet.