cve/2024/CVE-2024-53152.md

### [CVE-2024-53152](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53152)
![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=570d7715eed8a29ac5bd96c7694f060a991e5a31%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=6.10%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue)

### Description

In the Linux kernel, the following vulnerability has been resolved:PCI: tegra194: Move controller cleanups to pex_ep_event_pex_rst_deassert()Currently, the endpoint cleanup function dw_pcie_ep_cleanup() and EPFdeinit notify function pci_epc_deinit_notify() are called during theexecution of pex_ep_event_pex_rst_assert() i.e., when the host has assertedPERST#. But quickly after this step, refclk will also be disabled by thehost.All of the tegra194 endpoint SoCs supported as of now depend on the refclkfrom the host for keeping the controller operational. Due to thislimitation, any access to the hardware registers in the absence of refclkwill result in a whole endpoint crash. Unfortunately, most of thecontroller cleanups require accessing the hardware registers (like eDMAcleanup performed in dw_pcie_ep_cleanup(), etc...). So these cleanupfunctions can cause the crash in the endpoint SoC once host asserts PERST#.One way to address this issue is by generating the refclk in the endpointitself and not depending on the host. But that is not always possible assome of the endpoint designs do require the endpoint to consume refclk fromthe host.Thus, fix this crash by moving the controller cleanups to the start ofthe pex_ep_event_pex_rst_deassert() function. This function is calledwhenever the host has deasserted PERST# and it is guaranteed that therefclk would be active at this point. So at the start of this function(after enabling resources) the controller cleanup can be performed. Oncefinished, rest of the code execution for PERST# deassert can continue asusual.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds
Update CVE list 2025-09-29 21:09 2025-09-29 21:09:30 +02:00			`### [CVE-2024-53152](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-53152)`
			`![](https://img.shields.io/static/v1?label=Product&message=Linux&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=570d7715eed8a29ac5bd96c7694f060a991e5a31%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=6.10%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=blue)`

			`### Description`

			In the Linux kernel, the following vulnerability has been resolved:PCI: tegra194: Move controller cleanups to pex_ep_event_pex_rst_deassert()Currently, the endpoint cleanup function dw_pcie_ep_cleanup() and EPFdeinit notify function pci_epc_deinit_notify() are called during theexecution of pex_ep_event_pex_rst_assert() i.e., when the host has assertedPERST#. But quickly after this step, refclk will also be disabled by thehost.All of the tegra194 endpoint SoCs supported as of now depend on the refclkfrom the host for keeping the controller operational. Due to thislimitation, any access to the hardware registers in the absence of refclkwill result in a whole endpoint crash. Unfortunately, most of thecontroller cleanups require accessing the hardware registers (like eDMAcleanup performed in dw_pcie_ep_cleanup(), etc...). So these cleanupfunctions can cause the crash in the endpoint SoC once host asserts PERST#.One way to address this issue is by generating the refclk in the endpointitself and not depending on the host. But that is not always possible assome of the endpoint designs do require the endpoint to consume refclk fromthe host.Thus, fix this crash by moving the controller cleanups to the start ofthe pex_ep_event_pex_rst_deassert() function. This function is calledwhenever the host has deasserted PERST# and it is guaranteed that therefclk would be active at this point. So at the start of this function(after enabling resources) the controller cleanup can be performed. Oncefinished, rest of the code execution for PERST# deassert can continue asusual.

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/fkie-cad/nvd-json-data-feeds`