How severe is CVE-2023-53287?

This vulnerability has a CVSS score of (Unknown severity).

How difficult is it to exploit CVE-2023-53287?

Exploit difficulty: HARD. Estimated time to exploit: > 4 hours. Required skills: Advanced security expertise.

CVE-2023-53287 - YourPassGen

In the Linux kernel, the following vulnerability has been resolved:

usb: cdns3: Put the cdns set active part outside the spin lock

The device may be scheduled during the resume process,
so this cannot appear in atomic operations. Since
pm_runtime_set_active will resume suppliers, put set
active outside the spin lock, which is only used to
protect the struct cdns data structure, otherwise the
kernel will report the following warning:

BUG: sleeping function called from invalid context at drivers/base/power/runtime.c:1163
in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 651, name: sh
preempt_count: 1, expected: 0
RCU nest depth: 0, expected: 0
CPU: 0 PID: 651 Comm: sh Tainted: G WC 6.1.20 #1
Hardware name: Freescale i.MX8QM MEK (DT)
Call trace:
dump_backtrace.part.0+0xe0/0xf0
show_stack+0x18/0x30
dump_stack_lvl+0x64/0x80
dump_stack+0x1c/0x38
__might_resched+0x1fc/0x240
__might_sleep+0x68/0xc0
__pm_runtime_resume+0x9c/0xe0
rpm_get_suppliers+0x68/0x1b0
__pm_runtime_set_status+0x298/0x560
cdns_resume+0xb0/0x1c0
cdns3_controller_resume.isra.0+0x1e0/0x250
cdns3_plat_resume+0x28/0x40

Related CVE by CWE

No related CWE found.

Top CVE for Vendor

No vendor taxonomy on this entry.

Recently Exploited Similar Vulnerabilities

No recent KEV-listed items for this vendor/product.

How to fix CVE-2023-53287

CVE-2023-53287 is a unknown severity vulnerability affecting the affected product.

Description: In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: Put the cdns set active part outside the spin lock The device may be scheduled during the resume process, so this cannot appear in atomic operations. Since pm_runtime_set_active will resume suppliers, put set active outside the spin lock, which is only used to […]

Exploit Difficulty: HARD
⏱️ Time to exploit: > 4 hours
🛠️ Required skills: Advanced security expertise
💰 Public exploits: Rare or not public

How to Fix:

1 Identify affected systems

- Check if you're running the affected product

2 Immediate actions

- Update to the latest patched version
- If patching is not immediately possible: restrict network exposure, apply least-privilege access

3 Verification

- Test the fix in a staging environment first
- Review logs for signs of exploitation
- Monitor for IOCs (Indicators of Compromise)

4 Long-term prevention

- Enable automatic security updates
- Set up vulnerability monitoring
- Review and harden security configurations

Full CVE details

Exploit Difficulty Assessment

HARD

⏱️ Time to Exploit: > 4 hours

🛠️ Skills Required: Advanced security expertise

💰 Public Exploits: Rare or not public

Vulnerability Timeline

Sep 16, 2025

Vulnerability Published

CVE details first published to NVD database

Nov 12, 2025

Imported to Database

Added to this CVE tracking system

Detection Rules & IOCs

No specific detection rules generated for this vulnerability type.

No vendor/product data available.

No related CVEs found (no vendor/product data available).