CVE-2023-53274
clk: mediatek: mt8183: Add back SSPM related clocks
Description
In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: mt8183: Add back SSPM related clocks This reverts commit 860690a93ef23b567f781c1b631623e27190f101. On the MT8183, the SSPM related clocks were removed claiming a lack of usage. This however causes some issues when the driver was converted to the new simple-probe mechanism. This mechanism allocates enough space for all the clocks defined in the clock driver, not the highest index in the DT binding. This leads to out-of-bound writes if their are holes in the DT binding or the driver (due to deprecated or unimplemented clocks). These errors can go unnoticed and cause memory corruption, leading to crashes in unrelated areas, or nothing at all. KASAN will detect them. Add the SSPM related clocks back to the MT8183 clock driver to fully implement the DT binding. The SSPM clocks are for the power management co-processor, and should never be turned off. They are marked as such.
INFO
Published Date :
Sept. 16, 2025, 8:11 a.m.
Last Modified :
Sept. 16, 2025, 8:11 a.m.
Remotely Exploit :
No
Source :
Linux
Affected Products
The following products are affected by CVE-2023-53274
vulnerability.
Even if cvefeed.io is aware of the exact versions of the
products
that
are
affected, the information is not represented in the table below.
No affected product recoded yet
Solution
- Revert commit 860690a93ef23b567f781c1b631623e27190f101.
- Re-add SSPM related clocks to the MT8183 clock driver.
- Ensure SSPM clocks are marked as never to be turned off.
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2023-53274 vulnerability anywhere in the article.