CVE-2023-53176 [Medium] | Security Vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Reinit port->pm on port specific driver unbind When we unbind a serial port hardware specific 8250 driver, the generic serial8250 driver takes over the port. After that we see an oops about 10 seconds later. This can produce the following at least on some TI SoCs: Unhandled fault: imprecise external abort (0x1406) Internal error: : 1406 [#1] SMP ARM Turns out that we may still have the serial port hardware specific driver port->pm in use, and serial8250_pm() tries to call it after the port specific driver is gone: serial8250_pm [8250_base] from uart_change_pm+0x54/0x8c [serial_base] uart_change_pm [serial_base] from uart_hangup+0x154/0x198 [serial_base] uart_hangup [serial_base] from __tty_hangup.part.0+0x328/0x37c __tty_hangup.part.0 from disassociate_ctty+0x154/0x20c disassociate_ctty from do_exit+0x744/0xaac do_exit from do_group_exit+0x40/0x8c do_group_exit from __wake_up_parent+0x0/0x1c Let's fix the issue by calling serial8250_set_defaults() in serial8250_unregister_port(). This will set the port back to using the serial8250 default functions, and sets the port->pm to point to serial8250_pm.

#	Date	Old EPSS score	New EPSS score	Delta (New - Old)
1	2025-09-16	—	0.02%	—

Date

Old EPSS score

New EPSS score

Delta (New - Old)

2025-09-16

—

0.02%

—

Base score	Version	Severity	Vector	Exploitability	Impact	Score source
5.5	3.1	MEDIUM	`CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H` Click to expand Attack vector (AV:L) They already need access on the box, or another person has to do something wrong; it’s not a remote drive-by. Attack complexity (AC:L) Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup. Privileges required (PR:L) A normal user session is enough; they don’t have to be admin. User interaction (UI:N) Nobody has to click “OK” or open a trap file; it can work without a victim helping. Scope (S:U) Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems. Confidentiality (C:N) Doesn’t really leak secrets in a meaningful way. Integrity (I:N) Data isn’t meaningfully altered or forged. Availability (A:H) Could take the service down hard or make it unusable for people who depend on it.	1.8	3.6	[email protected]

Base score

Version

Severity

Vector

Exploitability

Impact

Score source

5.5

3.1

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Click to expand

Attack vector (AV:L): They already need access on the box, or another person has to do something wrong; it’s not a remote drive-by.
Attack complexity (AC:L): Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:L): A normal user session is enough; they don’t have to be admin.
User interaction (UI:N): Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U): Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:N): Doesn’t really leak secrets in a meaningful way.
Integrity (I:N): Data isn’t meaningfully altered or forged.
Availability (A:H): Could take the service down hard or make it unusable for people who depend on it.

1.8

3.6

[email protected]

OS Trackers for CVE-2023-53176

vendor	priority	summary	link
`debian`	not yet assigned	CVE-2023-53176 not yet assigned priority: Debian including 1 source packages (linux), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5.	https://security-tracker.debian.org/tracker/CVE-2023-53176
`redhat`	medium	—	https://access.redhat.com/security/cve/CVE-2023-53176
`suse`	medium	—	https://www.suse.com/security/cve/CVE-2023-53176/
`ubuntu`	medium	CVE-2023-53176 medium priority: Ubuntu including 158 source packages (linux, linux-allwinner-5.19, …), 1414 status rows across 9 suites (bionic, focal, jammy, noble, plucky, questing, trusty, upstream, xenial): DNE 1017, ignored 162, released 138, not-affected 76, needed 20, needs-triage 1.	https://ubuntu.com/security/CVE-2023-53176

Affected software / configurations for CVE-2023-53176

Vendor	Product	Version	Raw CPE
linux	linux_kernel	< 4.14.316	cpe:2.3:o:linux:linux_kernel::::::::
linux	linux_kernel	>= 4.15, < 4.19.284	cpe:2.3:o:linux:linux_kernel::::::::
linux	linux_kernel	>= 4.20, < 5.4.244	cpe:2.3:o:linux:linux_kernel::::::::
linux	linux_kernel	>= 5.5, < 5.10.181	cpe:2.3:o:linux:linux_kernel::::::::
linux	linux_kernel	>= 5.11, < 5.15.113	cpe:2.3:o:linux:linux_kernel::::::::
linux	linux_kernel	>= 5.16, < 6.1.30	cpe:2.3:o:linux:linux_kernel::::::::
linux	linux_kernel	>= 6.2, < 6.3.4	cpe:2.3:o:linux:linux_kernel::::::::

References for CVE-2023-53176

URL	Tags
https://git.kernel.org/stable/c/04e82793f068d2f0ffe62fcea03d007a8cdc16a7	Patch
https://git.kernel.org/stable/c/1ba5594739d858e524ff0f398ee1ebfe0a8b9d41	Patch
https://git.kernel.org/stable/c/2c86a1305c1406f45ea780d06953c484ea1d9e6e	Patch
https://git.kernel.org/stable/c/490bf37eaabb0a857ed1ae8e75d8854e41662f1c	Patch
https://git.kernel.org/stable/c/8e596aed5f2f98cf3e6e98d6fe1d689f4a319308	Patch
https://git.kernel.org/stable/c/af4d6dbb1a92ea424ad1ba1d0c88c7fa2345d872	Patch
https://git.kernel.org/stable/c/c9e080c3005fd183c56ff8f4d75edb5da0765d2c	Patch
https://git.kernel.org/stable/c/d5cd2928d31042a7c0a01464f9a8d95be736421d	Patch

URL

CVE-2023-53176 | serial: 8250: Reinit port->pm on port specific driver unbind

Exploit prediction scoring system (EPSS) score for CVE-2023-53176

Common vulnerability scoring system (CVSS) metrics for CVE-2023-53176

Weakness enumeration for CVE-2023-53176

OS Trackers for CVE-2023-53176

Affected software / configurations for CVE-2023-53176

References for CVE-2023-53176