CVE-2020-36787 (GCVE-0-2020-36787)

Vulnerability from cvelistv5 – Published: 2024-02-28 08:13 – Updated: 2025-05-04 06:59
VLAI?
Title
media: aspeed: fix clock handling logic
Summary
In the Linux kernel, the following vulnerability has been resolved: media: aspeed: fix clock handling logic Video engine uses eclk and vclk for its clock sources and its reset control is coupled with eclk so the current clock enabling sequence works like below. Enable eclk De-assert Video Engine reset 10ms delay Enable vclk It introduces improper reset on the Video Engine hardware and eventually the hardware generates unexpected DMA memory transfers that can corrupt memory region in random and sporadic patterns. This issue is observed very rarely on some specific AST2500 SoCs but it causes a critical kernel panic with making a various shape of signature so it's extremely hard to debug. Moreover, the issue is observed even when the video engine is not actively used because udevd turns on the video engine hardware for a short time to make a query in every boot. To fix this issue, this commit changes the clock handling logic to make the reset de-assertion triggered after enabling both eclk and vclk. Also, it adds clk_unprepare call for a case when probe fails. clk: ast2600: fix reset settings for eclk and vclk Video engine reset setting should be coupled with eclk to match it with the setting for previous Aspeed SoCs which is defined in clk-aspeed.c since all Aspeed SoCs are sharing a single video engine driver. Also, reset bit 6 is defined as 'Video Engine' reset in datasheet so it should be de-asserted when eclk is enabled. This commit fixes the setting.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: d2b4387f3bdf016e266d23cf657465f557721488 , < 1dc1d30ac101bb8335d9852de2107af60c2580e7 (git)
Affected: d2b4387f3bdf016e266d23cf657465f557721488 , < a59d01384c80a8a4392665802df57c3df20055f5 (git)
Affected: d2b4387f3bdf016e266d23cf657465f557721488 , < 2964c37563e86cfdc439f217eb3c5a69adfdba6a (git)
Affected: d2b4387f3bdf016e266d23cf657465f557721488 , < 75321dc8aebe3f30eff226028fe6da340fe0bf02 (git)
Affected: d2b4387f3bdf016e266d23cf657465f557721488 , < 3536169f8531c2c5b153921dc7d1ac9fd570cda7 (git)
Create a notification for this product.
    Linux Linux Affected: 5.0
Unaffected: 0 , < 5.0 (semver)
Unaffected: 5.4.119 , ≤ 5.4.* (semver)
Unaffected: 5.10.37 , ≤ 5.10.* (semver)
Unaffected: 5.11.21 , ≤ 5.11.* (semver)
Unaffected: 5.12.4 , ≤ 5.12.* (semver)
Unaffected: 5.13 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-36787",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-02-28T21:09:13.755669Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:12:23.237Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T17:37:07.341Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/1dc1d30ac101bb8335d9852de2107af60c2580e7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/a59d01384c80a8a4392665802df57c3df20055f5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/2964c37563e86cfdc439f217eb3c5a69adfdba6a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/75321dc8aebe3f30eff226028fe6da340fe0bf02"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/3536169f8531c2c5b153921dc7d1ac9fd570cda7"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/clk/clk-ast2600.c",
            "drivers/media/platform/aspeed-video.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "1dc1d30ac101bb8335d9852de2107af60c2580e7",
              "status": "affected",
              "version": "d2b4387f3bdf016e266d23cf657465f557721488",
              "versionType": "git"
            },
            {
              "lessThan": "a59d01384c80a8a4392665802df57c3df20055f5",
              "status": "affected",
              "version": "d2b4387f3bdf016e266d23cf657465f557721488",
              "versionType": "git"
            },
            {
              "lessThan": "2964c37563e86cfdc439f217eb3c5a69adfdba6a",
              "status": "affected",
              "version": "d2b4387f3bdf016e266d23cf657465f557721488",
              "versionType": "git"
            },
            {
              "lessThan": "75321dc8aebe3f30eff226028fe6da340fe0bf02",
              "status": "affected",
              "version": "d2b4387f3bdf016e266d23cf657465f557721488",
              "versionType": "git"
            },
            {
              "lessThan": "3536169f8531c2c5b153921dc7d1ac9fd570cda7",
              "status": "affected",
              "version": "d2b4387f3bdf016e266d23cf657465f557721488",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/clk/clk-ast2600.c",
            "drivers/media/platform/aspeed-video.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "5.0"
            },
            {
              "lessThan": "5.0",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.119",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.37",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.11.*",
              "status": "unaffected",
              "version": "5.11.21",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.12.*",
              "status": "unaffected",
              "version": "5.12.4",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "5.13",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.4.119",
                  "versionStartIncluding": "5.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.37",
                  "versionStartIncluding": "5.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.11.21",
                  "versionStartIncluding": "5.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.12.4",
                  "versionStartIncluding": "5.0",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.13",
                  "versionStartIncluding": "5.0",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: aspeed: fix clock handling logic\n\nVideo engine uses eclk and vclk for its clock sources and its reset\ncontrol is coupled with eclk so the current clock enabling sequence works\nlike below.\n\n Enable eclk\n De-assert Video Engine reset\n 10ms delay\n Enable vclk\n\nIt introduces improper reset on the Video Engine hardware and eventually\nthe hardware generates unexpected DMA memory transfers that can corrupt\nmemory region in random and sporadic patterns. This issue is observed\nvery rarely on some specific AST2500 SoCs but it causes a critical\nkernel panic with making a various shape of signature so it\u0027s extremely\nhard to debug. Moreover, the issue is observed even when the video\nengine is not actively used because udevd turns on the video engine\nhardware for a short time to make a query in every boot.\n\nTo fix this issue, this commit changes the clock handling logic to make\nthe reset de-assertion triggered after enabling both eclk and vclk. Also,\nit adds clk_unprepare call for a case when probe fails.\n\nclk: ast2600: fix reset settings for eclk and vclk\nVideo engine reset setting should be coupled with eclk to match it\nwith the setting for previous Aspeed SoCs which is defined in\nclk-aspeed.c since all Aspeed SoCs are sharing a single video engine\ndriver. Also, reset bit 6 is defined as \u0027Video Engine\u0027 reset in\ndatasheet so it should be de-asserted when eclk is enabled. This\ncommit fixes the setting."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T06:59:01.363Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/1dc1d30ac101bb8335d9852de2107af60c2580e7"
        },
        {
          "url": "https://git.kernel.org/stable/c/a59d01384c80a8a4392665802df57c3df20055f5"
        },
        {
          "url": "https://git.kernel.org/stable/c/2964c37563e86cfdc439f217eb3c5a69adfdba6a"
        },
        {
          "url": "https://git.kernel.org/stable/c/75321dc8aebe3f30eff226028fe6da340fe0bf02"
        },
        {
          "url": "https://git.kernel.org/stable/c/3536169f8531c2c5b153921dc7d1ac9fd570cda7"
        }
      ],
      "title": "media: aspeed: fix clock handling logic",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2020-36787",
    "datePublished": "2024-02-28T08:13:07.275Z",
    "dateReserved": "2024-02-26T17:07:27.435Z",
    "dateUpdated": "2025-05-04T06:59:01.363Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2020-36787\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-02-28T09:15:37.030\",\"lastModified\":\"2024-12-11T16:42:29.080\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nmedia: aspeed: fix clock handling logic\\n\\nVideo engine uses eclk and vclk for its clock sources and its reset\\ncontrol is coupled with eclk so the current clock enabling sequence works\\nlike below.\\n\\n Enable eclk\\n De-assert Video Engine reset\\n 10ms delay\\n Enable vclk\\n\\nIt introduces improper reset on the Video Engine hardware and eventually\\nthe hardware generates unexpected DMA memory transfers that can corrupt\\nmemory region in random and sporadic patterns. This issue is observed\\nvery rarely on some specific AST2500 SoCs but it causes a critical\\nkernel panic with making a various shape of signature so it\u0027s extremely\\nhard to debug. Moreover, the issue is observed even when the video\\nengine is not actively used because udevd turns on the video engine\\nhardware for a short time to make a query in every boot.\\n\\nTo fix this issue, this commit changes the clock handling logic to make\\nthe reset de-assertion triggered after enabling both eclk and vclk. Also,\\nit adds clk_unprepare call for a case when probe fails.\\n\\nclk: ast2600: fix reset settings for eclk and vclk\\nVideo engine reset setting should be coupled with eclk to match it\\nwith the setting for previous Aspeed SoCs which is defined in\\nclk-aspeed.c since all Aspeed SoCs are sharing a single video engine\\ndriver. Also, reset bit 6 is defined as \u0027Video Engine\u0027 reset in\\ndatasheet so it should be de-asserted when eclk is enabled. This\\ncommit fixes the setting.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: medios: aspeed: corrige la l\u00f3gica de manejo del reloj El motor de video usa eclk y vclk para sus fuentes de reloj y su control de reinicio est\u00e1 acoplado con eclk para que la secuencia de habilitaci\u00f3n del reloj actual funcione como se muestra a continuaci\u00f3n. Habilitar eclk De-assert Video Engine restablece un retraso de 10 ms Habilitar vclk Introduce un reinicio incorrecto en el hardware de Video Engine y eventualmente el hardware genera transferencias de memoria DMA inesperadas que pueden da\u00f1ar la regi\u00f3n de la memoria en patrones aleatorios y espor\u00e1dicos. Este problema se observa muy raramente en algunos SoC AST2500 espec\u00edficos, pero provoca un p\u00e1nico cr\u00edtico en el kernel al crear varias formas de firma, por lo que es extremadamente dif\u00edcil de depurar. Adem\u00e1s, el problema se observa incluso cuando el motor de v\u00eddeo no se utiliza activamente porque udevd enciende el hardware del motor de v\u00eddeo durante un breve periodo de tiempo para realizar una consulta en cada arranque. Para solucionar este problema, esta confirmaci\u00f3n cambia la l\u00f3gica de manejo del reloj para activar la anulaci\u00f3n de reinicio despu\u00e9s de habilitar tanto eclk como vclk. Adem\u00e1s, agrega la llamada clk_unprepare para un caso en el que falla la sonda. clk: ast2600: corrige la configuraci\u00f3n de restablecimiento para eclk y vclk La configuraci\u00f3n de restablecimiento del motor de video debe combinarse con eclk para que coincida con la configuraci\u00f3n de los SoC Aspeed anteriores que se define en clk-aspeed.c, ya que todos los SoC Aspeed comparten un \u00fanico controlador de motor de video. Adem\u00e1s, el bit de reinicio 6 se define como reinicio del \u0027Motor de video\u0027 en la hoja de datos, por lo que debe desactivarse cuando eclk est\u00e1 habilitado. Este commit corrige la configuraci\u00f3n.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.0\",\"versionEndExcluding\":\"5.4.119\",\"matchCriteriaId\":\"9CE89AEF-FBDF-4C15-B17B-1A7C321B30AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.5\",\"versionEndExcluding\":\"5.10.37\",\"matchCriteriaId\":\"7A4CF5D6-ACBA-4980-ABFD-3D7A53B5BB4E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.11.21\",\"matchCriteriaId\":\"8CBB94EC-EC33-4464-99C5-03E5542715F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.12\",\"versionEndExcluding\":\"5.12.4\",\"matchCriteriaId\":\"D8C7052F-1B7B-4327-9C2B-84EBF3243838\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/1dc1d30ac101bb8335d9852de2107af60c2580e7\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/2964c37563e86cfdc439f217eb3c5a69adfdba6a\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/3536169f8531c2c5b153921dc7d1ac9fd570cda7\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/75321dc8aebe3f30eff226028fe6da340fe0bf02\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/a59d01384c80a8a4392665802df57c3df20055f5\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/1dc1d30ac101bb8335d9852de2107af60c2580e7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/2964c37563e86cfdc439f217eb3c5a69adfdba6a\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/3536169f8531c2c5b153921dc7d1ac9fd570cda7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/75321dc8aebe3f30eff226028fe6da340fe0bf02\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/a59d01384c80a8a4392665802df57c3df20055f5\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/1dc1d30ac101bb8335d9852de2107af60c2580e7\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/a59d01384c80a8a4392665802df57c3df20055f5\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/2964c37563e86cfdc439f217eb3c5a69adfdba6a\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/75321dc8aebe3f30eff226028fe6da340fe0bf02\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/3536169f8531c2c5b153921dc7d1ac9fd570cda7\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-04T17:37:07.341Z\"}}, {\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2020-36787\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-02-28T21:09:13.755669Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-23T19:01:13.871Z\"}, \"title\": \"CISA ADP Vulnrichment\"}], \"cna\": {\"title\": \"media: aspeed: fix clock handling logic\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"d2b4387f3bdf016e266d23cf657465f557721488\", \"lessThan\": \"1dc1d30ac101bb8335d9852de2107af60c2580e7\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"d2b4387f3bdf016e266d23cf657465f557721488\", \"lessThan\": \"a59d01384c80a8a4392665802df57c3df20055f5\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"d2b4387f3bdf016e266d23cf657465f557721488\", \"lessThan\": \"2964c37563e86cfdc439f217eb3c5a69adfdba6a\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"d2b4387f3bdf016e266d23cf657465f557721488\", \"lessThan\": \"75321dc8aebe3f30eff226028fe6da340fe0bf02\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"d2b4387f3bdf016e266d23cf657465f557721488\", \"lessThan\": \"3536169f8531c2c5b153921dc7d1ac9fd570cda7\", \"versionType\": \"git\"}], \"programFiles\": [\"drivers/clk/clk-ast2600.c\", \"drivers/media/platform/aspeed-video.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.0\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"5.0\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"5.4.119\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.4.*\"}, {\"status\": \"unaffected\", \"version\": \"5.10.37\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.10.*\"}, {\"status\": \"unaffected\", \"version\": \"5.11.21\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.11.*\"}, {\"status\": \"unaffected\", \"version\": \"5.12.4\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.12.*\"}, {\"status\": \"unaffected\", \"version\": \"5.13\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"drivers/clk/clk-ast2600.c\", \"drivers/media/platform/aspeed-video.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/1dc1d30ac101bb8335d9852de2107af60c2580e7\"}, {\"url\": \"https://git.kernel.org/stable/c/a59d01384c80a8a4392665802df57c3df20055f5\"}, {\"url\": \"https://git.kernel.org/stable/c/2964c37563e86cfdc439f217eb3c5a69adfdba6a\"}, {\"url\": \"https://git.kernel.org/stable/c/75321dc8aebe3f30eff226028fe6da340fe0bf02\"}, {\"url\": \"https://git.kernel.org/stable/c/3536169f8531c2c5b153921dc7d1ac9fd570cda7\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nmedia: aspeed: fix clock handling logic\\n\\nVideo engine uses eclk and vclk for its clock sources and its reset\\ncontrol is coupled with eclk so the current clock enabling sequence works\\nlike below.\\n\\n Enable eclk\\n De-assert Video Engine reset\\n 10ms delay\\n Enable vclk\\n\\nIt introduces improper reset on the Video Engine hardware and eventually\\nthe hardware generates unexpected DMA memory transfers that can corrupt\\nmemory region in random and sporadic patterns. This issue is observed\\nvery rarely on some specific AST2500 SoCs but it causes a critical\\nkernel panic with making a various shape of signature so it\u0027s extremely\\nhard to debug. Moreover, the issue is observed even when the video\\nengine is not actively used because udevd turns on the video engine\\nhardware for a short time to make a query in every boot.\\n\\nTo fix this issue, this commit changes the clock handling logic to make\\nthe reset de-assertion triggered after enabling both eclk and vclk. Also,\\nit adds clk_unprepare call for a case when probe fails.\\n\\nclk: ast2600: fix reset settings for eclk and vclk\\nVideo engine reset setting should be coupled with eclk to match it\\nwith the setting for previous Aspeed SoCs which is defined in\\nclk-aspeed.c since all Aspeed SoCs are sharing a single video engine\\ndriver. Also, reset bit 6 is defined as \u0027Video Engine\u0027 reset in\\ndatasheet so it should be de-asserted when eclk is enabled. This\\ncommit fixes the setting.\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.4.119\", \"versionStartIncluding\": \"5.0\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.10.37\", \"versionStartIncluding\": \"5.0\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.11.21\", \"versionStartIncluding\": \"5.0\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.12.4\", \"versionStartIncluding\": \"5.0\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.13\", \"versionStartIncluding\": \"5.0\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2025-05-04T06:59:01.363Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2020-36787\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-05-04T06:59:01.363Z\", \"dateReserved\": \"2024-02-26T17:07:27.435Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-02-28T08:13:07.275Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.