CVE-2023-52519: 
Linux Kernel vulnerability analysis and mitigation

CVE-2023-52519 affects the Linux kernel's Intel ISH (Integrated Sensor Hub) HID driver. The vulnerability was discovered in the handling of ACPI GPE (General Purpose Event) bits for EHL (Elkhart Lake) based platforms. The issue was disclosed on March 2, 2024, affecting Linux kernel versions from 5.12 through 6.6-rc4 (NVD).

The vulnerability occurs in the Intel ISH HID driver's power management functionality. When the OOB (Out of band) service is enabled in BIOS settings, the ISH device gets PME wake capability. The driver needs to enable ACPI GPE bit for PME wakeup. However, when the system resumes, BIOS clears the wakeup bit without decrementing the internal OS GPE reference count. This leads to a potential reference count overflow due to repeated re-enabling of the bit during resume operations (Kernel Patch). The vulnerability has been assigned a CVSS v3.1 Base Score of 7.1 HIGH with vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H (NVD).

The vulnerability could potentially lead to reference count overflow in the kernel's ACPI GPE handling, affecting system stability and power management functionality on affected Elkhart Lake based platforms (Kernel Patch).

The issue has been fixed by modifying the driver to first disable and then re-enable the ACPI GPE bit using acpidisablegpe() before enabling it again. This prevents the reference count overflow issue. The fix has been implemented in the Linux kernel through a patch that modifies the drivers/hid/intel-ish-hid/ipc/pci-ish.c file (Kernel Patch).