diff options
author | Lee Jones <lee@kernel.org> | 2024-03-26 17:21:35 +0000 |
---|---|---|
committer | Lee Jones <lee@kernel.org> | 2024-03-26 17:21:35 +0000 |
commit | 439ea9ff3c7537d267589f0c410f462a936ecce9 (patch) | |
tree | 4a1d844665c3d550c328e57d79aa9acb89f4cc84 | |
parent | e436aea90532d9b1cc0540dcd249e7304570c634 (diff) | |
download | vulns-439ea9ff3c7537d267589f0c410f462a936ecce9.tar.gz |
published: Create and publish a few CVES from v6.7.4 annotated reviews
Signed-off-by: Lee Jones <lee@kernel.org>
-rw-r--r-- | cve/published/2023/CVE-2023-52621 (renamed from cve/reserved/2023/CVE-2023-52621) | 0 | ||||
-rw-r--r-- | cve/published/2023/CVE-2023-52621.json | 108 | ||||
-rw-r--r-- | cve/published/2023/CVE-2023-52621.mbox | 105 | ||||
-rw-r--r-- | cve/published/2023/CVE-2023-52621.sha1 | 1 | ||||
-rw-r--r-- | cve/published/2023/CVE-2023-52622 (renamed from cve/reserved/2023/CVE-2023-52622) | 0 | ||||
-rw-r--r-- | cve/published/2023/CVE-2023-52622.json | 168 | ||||
-rw-r--r-- | cve/published/2023/CVE-2023-52622.mbox | 115 | ||||
-rw-r--r-- | cve/published/2023/CVE-2023-52622.sha1 | 1 | ||||
-rw-r--r-- | cve/published/2023/CVE-2023-52623 (renamed from cve/reserved/2023/CVE-2023-52623) | 0 | ||||
-rw-r--r-- | cve/published/2023/CVE-2023-52623.json | 168 | ||||
-rw-r--r-- | cve/published/2023/CVE-2023-52623.mbox | 146 | ||||
-rw-r--r-- | cve/published/2023/CVE-2023-52623.sha1 | 1 |
12 files changed, 813 insertions, 0 deletions
diff --git a/cve/reserved/2023/CVE-2023-52621 b/cve/published/2023/CVE-2023-52621 index e69de29b..e69de29b 100644 --- a/cve/reserved/2023/CVE-2023-52621 +++ b/cve/published/2023/CVE-2023-52621 diff --git a/cve/published/2023/CVE-2023-52621.json b/cve/published/2023/CVE-2023-52621.json new file mode 100644 index 00000000..557d7ae0 --- /dev/null +++ b/cve/published/2023/CVE-2023-52621.json @@ -0,0 +1,108 @@ +{ + "containers": { + "cna": { + "providerMetadata": { + "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038" + }, + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Check rcu_read_lock_trace_held() before calling bpf map helpers\n\nThese three bpf_map_{lookup,update,delete}_elem() helpers are also\navailable for sleepable bpf program, so add the corresponding lock\nassertion for sleepable bpf program, otherwise the following warning\nwill be reported when a sleepable bpf program manipulates bpf map under\ninterpreter mode (aka bpf_jit_enable=0):\n\n WARNING: CPU: 3 PID: 4985 at kernel/bpf/helpers.c:40 ......\n CPU: 3 PID: 4985 Comm: test_progs Not tainted 6.6.0+ #2\n Hardware name: QEMU Standard PC (i440FX + PIIX, 1996) ......\n RIP: 0010:bpf_map_lookup_elem+0x54/0x60\n ......\n Call Trace:\n <TASK>\n ? __warn+0xa5/0x240\n ? bpf_map_lookup_elem+0x54/0x60\n ? report_bug+0x1ba/0x1f0\n ? handle_bug+0x40/0x80\n ? exc_invalid_op+0x18/0x50\n ? asm_exc_invalid_op+0x1b/0x20\n ? __pfx_bpf_map_lookup_elem+0x10/0x10\n ? rcu_lockdep_current_cpu_online+0x65/0xb0\n ? rcu_is_watching+0x23/0x50\n ? bpf_map_lookup_elem+0x54/0x60\n ? __pfx_bpf_map_lookup_elem+0x10/0x10\n ___bpf_prog_run+0x513/0x3b70\n __bpf_prog_run32+0x9d/0xd0\n ? __bpf_prog_enter_sleepable_recur+0xad/0x120\n ? __bpf_prog_enter_sleepable_recur+0x3e/0x120\n bpf_trampoline_6442580665+0x4d/0x1000\n __x64_sys_getpgid+0x5/0x30\n ? do_syscall_64+0x36/0xb0\n entry_SYSCALL_64_after_hwframe+0x6e/0x76\n </TASK>" + } + ], + "affected": [ + { + "product": "Linux", + "vendor": "Linux", + "defaultStatus": "unaffected", + "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", + "versions": [ + { + "version": "1da177e4c3f4", + "lessThan": "d6d6fe4bb105", + "status": "affected", + "versionType": "git" + }, + { + "version": "1da177e4c3f4", + "lessThan": "483cb92334cd", + "status": "affected", + "versionType": "git" + }, + { + "version": "1da177e4c3f4", + "lessThan": "c7f1b6146f4a", + "status": "affected", + "versionType": "git" + }, + { + "version": "1da177e4c3f4", + "lessThan": "169410eba271", + "status": "affected", + "versionType": "git" + } + ] + }, + { + "product": "Linux", + "vendor": "Linux", + "defaultStatus": "affected", + "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", + "versions": [ + { + "version": "6.1.77", + "lessThanOrEqual": "6.1.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.6.16", + "lessThanOrEqual": "6.6.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.7.4", + "lessThanOrEqual": "6.7.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.8", + "lessThanOrEqual": "*", + "status": "unaffected", + "versionType": "original_commit_for_fix" + } + ] + } + ], + "references": [ + { + "url": "https://git.kernel.org/stable/c/d6d6fe4bb105595118f12abeed4a7bdd450853f3" + }, + { + "url": "https://git.kernel.org/stable/c/483cb92334cd7f1d5387dccc0ab5d595d27a669d" + }, + { + "url": "https://git.kernel.org/stable/c/c7f1b6146f4a46d727c0d046284c28b6882c6304" + }, + { + "url": "https://git.kernel.org/stable/c/169410eba271afc9f0fb476d996795aa26770c6d" + } + ], + "title": "bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers", + "x_generator": { + "engine": "bippy-b4257b672505" + } + } + }, + "cveMetadata": { + "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038", + "cveID": "CVE-2023-52621", + "requesterUserId": "lee@kernel.org", + "serial": "1", + "state": "PUBLISHED" + }, + "dataType": "CVE_RECORD", + "dataVersion": "5.0" +} diff --git a/cve/published/2023/CVE-2023-52621.mbox b/cve/published/2023/CVE-2023-52621.mbox new file mode 100644 index 00000000..6df3e51c --- /dev/null +++ b/cve/published/2023/CVE-2023-52621.mbox @@ -0,0 +1,105 @@ +From bippy-b4257b672505 Mon Sep 17 00:00:00 2001 +From: Lee Jones <lee@kernel.org> +To: <linux-cve-announce@vger.kernel.org> +Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> +Subject: CVE-2023-52621: bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers +X-Developer-Signature: v=1; a=openpgp-sha256; l=3077; i=lee@kernel.org; + h=from:subject; bh=E8EkmCtKjd4P3QjfiKp1bDDsUUoBAbFGtloT5m8/9IE=; + b=owEBbQKS/ZANAwAKAVGvii+H/HdhAcsmYgBmAwOjjUMFs+5jJsxwA5a+/vCvKKTHu3BJETAug + +nJqMxAfUiJAjMEAAEKAB0WIQR2tsk1o74gmpTwh0hRr4ovh/x3YQUCZgMDowAKCRBRr4ovh/x3 + YZOAD/9+PYD+749hOXa/7EwNp+iwK2VHoWmUU2GhEUAx5HLyYmR3nIevvbrIWsgrReOp6M+1Z8U + xpm183nJcPSMWUmXGSJVAb4+p+yjUq4UTQn5TFU/zbgaN7TADpbyPIplfRrrLj68qtnFlj3cN7b + D+XUNU6GF3tJpydDtNmgj57olQw1uVAUpFqVO4eJckNeSaxaSbYxtyN5gCmOESp6a4KUEyerl9a + CrivmzfVB4VrA2t+uQ7K/uUz89LgdcT4sRmj8amCTBLv+pHJvFiETV1bgftuvDK2erO6gbh9ULn + hHxETia3GqlvS+tBOclLLBhlEV19A8FPDQmzt5mshBsR7bQC17aPt+IUto9zRxRF8WeJoG3j1mL + DcsuoEPoOD0wiDFEGJXZFLxpYTlFLEYsIuvjXrzU5aZgft3DG6BMPlx6iT11s1enNYh2Gqz3A7g + r6WIeNOzHERjWtw9w4dXIYCWCqcxcRuI0WrPwDkQ7EEy68uPB7YoG+iJgZxOPaSPL/Q61XG1NOV + nv4yAVoaUe/sNB0W9PgTTSnaaqXuTLi/hyZ/9PHvlsaFz5ysFi2Hq72cCP0/yNO4tjKu6Lt4Laq + H1txjhcuz/CzoE7nqrAgUsUK/zqUo+x9f9dbdl1tbkVLAWB4sMdcN1gqmQJ2tJqivZmf+m1EE+Q + WCcH7ePmXSJGv5Q== +X-Developer-Key: i=lee@kernel.org; a=openpgp; + fpr=76B6C935A3BE209A94F0874851AF8A2F87FC7761 + +Description +=========== + +In the Linux kernel, the following vulnerability has been resolved: + +bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers + +These three bpf_map_{lookup,update,delete}_elem() helpers are also +available for sleepable bpf program, so add the corresponding lock +assertion for sleepable bpf program, otherwise the following warning +will be reported when a sleepable bpf program manipulates bpf map under +interpreter mode (aka bpf_jit_enable=0): + + WARNING: CPU: 3 PID: 4985 at kernel/bpf/helpers.c:40 ...... + CPU: 3 PID: 4985 Comm: test_progs Not tainted 6.6.0+ #2 + Hardware name: QEMU Standard PC (i440FX + PIIX, 1996) ...... + RIP: 0010:bpf_map_lookup_elem+0x54/0x60 + ...... + Call Trace: + <TASK> + ? __warn+0xa5/0x240 + ? bpf_map_lookup_elem+0x54/0x60 + ? report_bug+0x1ba/0x1f0 + ? handle_bug+0x40/0x80 + ? exc_invalid_op+0x18/0x50 + ? asm_exc_invalid_op+0x1b/0x20 + ? __pfx_bpf_map_lookup_elem+0x10/0x10 + ? rcu_lockdep_current_cpu_online+0x65/0xb0 + ? rcu_is_watching+0x23/0x50 + ? bpf_map_lookup_elem+0x54/0x60 + ? __pfx_bpf_map_lookup_elem+0x10/0x10 + ___bpf_prog_run+0x513/0x3b70 + __bpf_prog_run32+0x9d/0xd0 + ? __bpf_prog_enter_sleepable_recur+0xad/0x120 + ? __bpf_prog_enter_sleepable_recur+0x3e/0x120 + bpf_trampoline_6442580665+0x4d/0x1000 + __x64_sys_getpgid+0x5/0x30 + ? do_syscall_64+0x36/0xb0 + entry_SYSCALL_64_after_hwframe+0x6e/0x76 + </TASK> + +The Linux kernel CVE team has assigned CVE-2023-52621 to this issue. + + +Affected and fixed versions +=========================== + + Fixed in 6.1.77 with commit d6d6fe4bb105 + Fixed in 6.6.16 with commit 483cb92334cd + Fixed in 6.7.4 with commit c7f1b6146f4a + Fixed in 6.8 with commit 169410eba271 + +Please see https://www.kernel.org for a full list of currently supported +kernel versions by the kernel community. + +Unaffected versions might change over time as fixes are backported to +older supported kernel versions. The official CVE entry at + https://cve.org/CVERecord/?id=CVE-2023-52621 +will be updated if fixes are backported, please check that for the most +up to date information about this issue. + + +Affected files +============== + +The file(s) affected by this issue are: + kernel/bpf/helpers.c + + +Mitigation +========== + +The Linux kernel CVE team recommends that you update to the latest +stable kernel version for this, and many other bugfixes. Individual +changes are never tested alone, but rather are part of a larger kernel +release. Cherry-picking individual commits is not recommended or +supported by the Linux kernel community at all. If however, updating to +the latest release is impossible, the individual changes to resolve this +issue can be found at these commits: + https://git.kernel.org/stable/c/d6d6fe4bb105595118f12abeed4a7bdd450853f3 + https://git.kernel.org/stable/c/483cb92334cd7f1d5387dccc0ab5d595d27a669d + https://git.kernel.org/stable/c/c7f1b6146f4a46d727c0d046284c28b6882c6304 + https://git.kernel.org/stable/c/169410eba271afc9f0fb476d996795aa26770c6d diff --git a/cve/published/2023/CVE-2023-52621.sha1 b/cve/published/2023/CVE-2023-52621.sha1 new file mode 100644 index 00000000..00662813 --- /dev/null +++ b/cve/published/2023/CVE-2023-52621.sha1 @@ -0,0 +1 @@ +169410eba271afc9f0fb476d996795aa26770c6d diff --git a/cve/reserved/2023/CVE-2023-52622 b/cve/published/2023/CVE-2023-52622 index e69de29b..e69de29b 100644 --- a/cve/reserved/2023/CVE-2023-52622 +++ b/cve/published/2023/CVE-2023-52622 diff --git a/cve/published/2023/CVE-2023-52622.json b/cve/published/2023/CVE-2023-52622.json new file mode 100644 index 00000000..8a92766f --- /dev/null +++ b/cve/published/2023/CVE-2023-52622.json @@ -0,0 +1,168 @@ +{ + "containers": { + "cna": { + "providerMetadata": { + "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038" + }, + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid online resizing failures due to oversized flex bg\n\nWhen we online resize an ext4 filesystem with a oversized flexbg_size,\n\n mkfs.ext4 -F -G 67108864 $dev -b 4096 100M\n mount $dev $dir\n resize2fs $dev 16G\n\nthe following WARN_ON is triggered:\n==================================================================\nWARNING: CPU: 0 PID: 427 at mm/page_alloc.c:4402 __alloc_pages+0x411/0x550\nModules linked in: sg(E)\nCPU: 0 PID: 427 Comm: resize2fs Tainted: G E 6.6.0-rc5+ #314\nRIP: 0010:__alloc_pages+0x411/0x550\nCall Trace:\n <TASK>\n __kmalloc_large_node+0xa2/0x200\n __kmalloc+0x16e/0x290\n ext4_resize_fs+0x481/0xd80\n __ext4_ioctl+0x1616/0x1d90\n ext4_ioctl+0x12/0x20\n __x64_sys_ioctl+0xf0/0x150\n do_syscall_64+0x3b/0x90\n==================================================================\n\nThis is because flexbg_size is too large and the size of the new_group_data\narray to be allocated exceeds MAX_ORDER. Currently, the minimum value of\nMAX_ORDER is 8, the minimum value of PAGE_SIZE is 4096, the corresponding\nmaximum number of groups that can be allocated is:\n\n (PAGE_SIZE << MAX_ORDER) / sizeof(struct ext4_new_group_data) ≈ 21845\n\nAnd the value that is down-aligned to the power of 2 is 16384. Therefore,\nthis value is defined as MAX_RESIZE_BG, and the number of groups added\neach time does not exceed this value during resizing, and is added multiple\ntimes to complete the online resizing. The difference is that the metadata\nin a flex_bg may be more dispersed." + } + ], + "affected": [ + { + "product": "Linux", + "vendor": "Linux", + "defaultStatus": "unaffected", + "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", + "versions": [ + { + "version": "1da177e4c3f4", + "lessThan": "cd1f93ca97a9", + "status": "affected", + "versionType": "git" + }, + { + "version": "1da177e4c3f4", + "lessThan": "b183fe8702e7", + "status": "affected", + "versionType": "git" + }, + { + "version": "1da177e4c3f4", + "lessThan": "cfbbb3199e71", + "status": "affected", + "versionType": "git" + }, + { + "version": "1da177e4c3f4", + "lessThan": "d76c8d7ffe16", + "status": "affected", + "versionType": "git" + }, + { + "version": "1da177e4c3f4", + "lessThan": "6d2cbf517dca", + "status": "affected", + "versionType": "git" + }, + { + "version": "1da177e4c3f4", + "lessThan": "8b1413dbfe49", + "status": "affected", + "versionType": "git" + }, + { + "version": "1da177e4c3f4", + "lessThan": "dc3e0f55bec4", + "status": "affected", + "versionType": "git" + }, + { + "version": "1da177e4c3f4", + "lessThan": "5d1935ac02ca", + "status": "affected", + "versionType": "git" + } + ] + }, + { + "product": "Linux", + "vendor": "Linux", + "defaultStatus": "affected", + "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", + "versions": [ + { + "version": "4.19.307", + "lessThanOrEqual": "4.19.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.4.269", + "lessThanOrEqual": "5.4.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.10.210", + "lessThanOrEqual": "5.10.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.15.149", + "lessThanOrEqual": "5.15.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.1.77", + "lessThanOrEqual": "6.1.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.6.16", + "lessThanOrEqual": "6.6.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.7.4", + "lessThanOrEqual": "6.7.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.8", + "lessThanOrEqual": "*", + "status": "unaffected", + "versionType": "original_commit_for_fix" + } + ] + } + ], + "references": [ + { + "url": "https://git.kernel.org/stable/c/cd1f93ca97a9136989f3bd2bf90696732a2ed644" + }, + { + "url": "https://git.kernel.org/stable/c/b183fe8702e78bba3dcef8e7193cab6898abee07" + }, + { + "url": "https://git.kernel.org/stable/c/cfbbb3199e71b63fc26cee0ebff327c47128a1e8" + }, + { + "url": "https://git.kernel.org/stable/c/d76c8d7ffe163c6bf2f1ef680b0539c2b3902b90" + }, + { + "url": "https://git.kernel.org/stable/c/6d2cbf517dcabc093159cf138ad5712c9c7fa954" + }, + { + "url": "https://git.kernel.org/stable/c/8b1413dbfe49646eda2c00c0f1144ee9d3368e0c" + }, + { + "url": "https://git.kernel.org/stable/c/dc3e0f55bec4410f3d74352c4a7c79f518088ee2" + }, + { + "url": "https://git.kernel.org/stable/c/5d1935ac02ca5aee364a449a35e2977ea84509b0" + } + ], + "title": "ext4: avoid online resizing failures due to oversized flex bg", + "x_generator": { + "engine": "bippy-b4257b672505" + } + } + }, + "cveMetadata": { + "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038", + "cveID": "CVE-2023-52622", + "requesterUserId": "lee@kernel.org", + "serial": "1", + "state": "PUBLISHED" + }, + "dataType": "CVE_RECORD", + "dataVersion": "5.0" +} diff --git a/cve/published/2023/CVE-2023-52622.mbox b/cve/published/2023/CVE-2023-52622.mbox new file mode 100644 index 00000000..d0b607a3 --- /dev/null +++ b/cve/published/2023/CVE-2023-52622.mbox @@ -0,0 +1,115 @@ +From bippy-b4257b672505 Mon Sep 17 00:00:00 2001 +From: Lee Jones <lee@kernel.org> +To: <linux-cve-announce@vger.kernel.org> +Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> +Subject: CVE-2023-52622: ext4: avoid online resizing failures due to oversized flex bg +X-Developer-Signature: v=1; a=openpgp-sha256; l=3711; i=lee@kernel.org; + h=from:subject; bh=NmUU5F0Km3r8mgtguVDjqATqOSFhJi/ge7BJnViitmQ=; + b=owEBbQKS/ZANAwAKAVGvii+H/HdhAcsmYgBmAwOjn5gQu/RPGd7JXG6DZWwKtenwiOxZ1n9nB + MEPVAtd/niJAjMEAAEKAB0WIQR2tsk1o74gmpTwh0hRr4ovh/x3YQUCZgMDowAKCRBRr4ovh/x3 + YZPkEACeR3PxiEOm6GlLTd/3H5D2Nj5ZjbBRE2XGt4hOAgJ0KndofMJ/Or16wwwWCCdLLT5koK7 + G1ozewctG1KchCDF7CX1EY4wPTfT+xAEe1JShodXo8Mnj4B2PWivar5+puMQbcC7nRKJV7JBl75 + oWC9QQoY7UCmKS2BWl5Ezu62sRX4EWPCmTzlTwkAtTlpMEJ2HrFtVIK/AhKgMUyggCt3LRxx0v2 + vTboYEn90hIJ5AsQ+B8kE6CZgP1b2nD582ZssfiOXx+EI3xOLDmY41/MC0tvXxHrLid1Czri9EB + oJ0qgd95vy2SQYpbnQBoiDhDoOy0bn7w0nM1wLAay6frV7bPWZJ7wsWbkxhhjbYkdIfFefsYbCh + ceUdI2FfkZza1TBUVQvbHtEiQQBCSNhHIbj/gNc716z3p71BrrujZ+5WbKYtCYbqcR4scBdpOKG + zvIcCPVemA+jva3j+H8VLa3vOQcF3D4DVc1OpjBTmgtNKx0QXwvtNk/zWjw30L/CS+IcrQlAOB+ + IXU1xc4O2QQVOIg16KuAGDz5ock1EUum0bmUhMMtXldY8V6L85efSN+PHAvCKhlkuwSQby5pj2y + t7Y9BLrFJIi/G331cai0YJwtjbZ2jBPS4ySUeWWwz21hbeOuOSoYxBMj7a6o9mYElKkzcgzI1wY + e/fKSpUQjcRUOiw== +X-Developer-Key: i=lee@kernel.org; a=openpgp; + fpr=76B6C935A3BE209A94F0874851AF8A2F87FC7761 + +Description +=========== + +In the Linux kernel, the following vulnerability has been resolved: + +ext4: avoid online resizing failures due to oversized flex bg + +When we online resize an ext4 filesystem with a oversized flexbg_size, + + mkfs.ext4 -F -G 67108864 $dev -b 4096 100M + mount $dev $dir + resize2fs $dev 16G + +the following WARN_ON is triggered: +================================================================== +WARNING: CPU: 0 PID: 427 at mm/page_alloc.c:4402 __alloc_pages+0x411/0x550 +Modules linked in: sg(E) +CPU: 0 PID: 427 Comm: resize2fs Tainted: G E 6.6.0-rc5+ #314 +RIP: 0010:__alloc_pages+0x411/0x550 +Call Trace: + <TASK> + __kmalloc_large_node+0xa2/0x200 + __kmalloc+0x16e/0x290 + ext4_resize_fs+0x481/0xd80 + __ext4_ioctl+0x1616/0x1d90 + ext4_ioctl+0x12/0x20 + __x64_sys_ioctl+0xf0/0x150 + do_syscall_64+0x3b/0x90 +================================================================== + +This is because flexbg_size is too large and the size of the new_group_data +array to be allocated exceeds MAX_ORDER. Currently, the minimum value of +MAX_ORDER is 8, the minimum value of PAGE_SIZE is 4096, the corresponding +maximum number of groups that can be allocated is: + + (PAGE_SIZE << MAX_ORDER) / sizeof(struct ext4_new_group_data) ≈ 21845 + +And the value that is down-aligned to the power of 2 is 16384. Therefore, +this value is defined as MAX_RESIZE_BG, and the number of groups added +each time does not exceed this value during resizing, and is added multiple +times to complete the online resizing. The difference is that the metadata +in a flex_bg may be more dispersed. + +The Linux kernel CVE team has assigned CVE-2023-52622 to this issue. + + +Affected and fixed versions +=========================== + + Fixed in 4.19.307 with commit cd1f93ca97a9 + Fixed in 5.4.269 with commit b183fe8702e7 + Fixed in 5.10.210 with commit cfbbb3199e71 + Fixed in 5.15.149 with commit d76c8d7ffe16 + Fixed in 6.1.77 with commit 6d2cbf517dca + Fixed in 6.6.16 with commit 8b1413dbfe49 + Fixed in 6.7.4 with commit dc3e0f55bec4 + Fixed in 6.8 with commit 5d1935ac02ca + +Please see https://www.kernel.org for a full list of currently supported +kernel versions by the kernel community. + +Unaffected versions might change over time as fixes are backported to +older supported kernel versions. The official CVE entry at + https://cve.org/CVERecord/?id=CVE-2023-52622 +will be updated if fixes are backported, please check that for the most +up to date information about this issue. + + +Affected files +============== + +The file(s) affected by this issue are: + fs/ext4/resize.c + + +Mitigation +========== + +The Linux kernel CVE team recommends that you update to the latest +stable kernel version for this, and many other bugfixes. Individual +changes are never tested alone, but rather are part of a larger kernel +release. Cherry-picking individual commits is not recommended or +supported by the Linux kernel community at all. If however, updating to +the latest release is impossible, the individual changes to resolve this +issue can be found at these commits: + https://git.kernel.org/stable/c/cd1f93ca97a9136989f3bd2bf90696732a2ed644 + https://git.kernel.org/stable/c/b183fe8702e78bba3dcef8e7193cab6898abee07 + https://git.kernel.org/stable/c/cfbbb3199e71b63fc26cee0ebff327c47128a1e8 + https://git.kernel.org/stable/c/d76c8d7ffe163c6bf2f1ef680b0539c2b3902b90 + https://git.kernel.org/stable/c/6d2cbf517dcabc093159cf138ad5712c9c7fa954 + https://git.kernel.org/stable/c/8b1413dbfe49646eda2c00c0f1144ee9d3368e0c + https://git.kernel.org/stable/c/dc3e0f55bec4410f3d74352c4a7c79f518088ee2 + https://git.kernel.org/stable/c/5d1935ac02ca5aee364a449a35e2977ea84509b0 diff --git a/cve/published/2023/CVE-2023-52622.sha1 b/cve/published/2023/CVE-2023-52622.sha1 new file mode 100644 index 00000000..6b18c0ac --- /dev/null +++ b/cve/published/2023/CVE-2023-52622.sha1 @@ -0,0 +1 @@ +5d1935ac02ca5aee364a449a35e2977ea84509b0 diff --git a/cve/reserved/2023/CVE-2023-52623 b/cve/published/2023/CVE-2023-52623 index e69de29b..e69de29b 100644 --- a/cve/reserved/2023/CVE-2023-52623 +++ b/cve/published/2023/CVE-2023-52623 diff --git a/cve/published/2023/CVE-2023-52623.json b/cve/published/2023/CVE-2023-52623.json new file mode 100644 index 00000000..c9f73107 --- /dev/null +++ b/cve/published/2023/CVE-2023-52623.json @@ -0,0 +1,168 @@ +{ + "containers": { + "cna": { + "providerMetadata": { + "orgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038" + }, + "descriptions": [ + { + "lang": "en", + "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: Fix a suspicious RCU usage warning\n\nI received the following warning while running cthon against an ontap\nserver running pNFS:\n\n[ 57.202521] =============================\n[ 57.202522] WARNING: suspicious RCU usage\n[ 57.202523] 6.7.0-rc3-g2cc14f52aeb7 #41492 Not tainted\n[ 57.202525] -----------------------------\n[ 57.202525] net/sunrpc/xprtmultipath.c:349 RCU-list traversed in non-reader section!!\n[ 57.202527]\n other info that might help us debug this:\n\n[ 57.202528]\n rcu_scheduler_active = 2, debug_locks = 1\n[ 57.202529] no locks held by test5/3567.\n[ 57.202530]\n stack backtrace:\n[ 57.202532] CPU: 0 PID: 3567 Comm: test5 Not tainted 6.7.0-rc3-g2cc14f52aeb7 #41492 5b09971b4965c0aceba19f3eea324a4a806e227e\n[ 57.202534] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS unknown 2/2/2022\n[ 57.202536] Call Trace:\n[ 57.202537] <TASK>\n[ 57.202540] dump_stack_lvl+0x77/0xb0\n[ 57.202551] lockdep_rcu_suspicious+0x154/0x1a0\n[ 57.202556] rpc_xprt_switch_has_addr+0x17c/0x190 [sunrpc ebe02571b9a8ceebf7d98e71675af20c19bdb1f6]\n[ 57.202596] rpc_clnt_setup_test_and_add_xprt+0x50/0x180 [sunrpc ebe02571b9a8ceebf7d98e71675af20c19bdb1f6]\n[ 57.202621] ? rpc_clnt_add_xprt+0x254/0x300 [sunrpc ebe02571b9a8ceebf7d98e71675af20c19bdb1f6]\n[ 57.202646] rpc_clnt_add_xprt+0x27a/0x300 [sunrpc ebe02571b9a8ceebf7d98e71675af20c19bdb1f6]\n[ 57.202671] ? __pfx_rpc_clnt_setup_test_and_add_xprt+0x10/0x10 [sunrpc ebe02571b9a8ceebf7d98e71675af20c19bdb1f6]\n[ 57.202696] nfs4_pnfs_ds_connect+0x345/0x760 [nfsv4 c716d88496ded0ea6d289bbea684fa996f9b57a9]\n[ 57.202728] ? __pfx_nfs4_test_session_trunk+0x10/0x10 [nfsv4 c716d88496ded0ea6d289bbea684fa996f9b57a9]\n[ 57.202754] nfs4_fl_prepare_ds+0x75/0xc0 [nfs_layout_nfsv41_files e3a4187f18ae8a27b630f9feae6831b584a9360a]\n[ 57.202760] filelayout_write_pagelist+0x4a/0x200 [nfs_layout_nfsv41_files e3a4187f18ae8a27b630f9feae6831b584a9360a]\n[ 57.202765] pnfs_generic_pg_writepages+0xbe/0x230 [nfsv4 c716d88496ded0ea6d289bbea684fa996f9b57a9]\n[ 57.202788] __nfs_pageio_add_request+0x3fd/0x520 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902]\n[ 57.202813] nfs_pageio_add_request+0x18b/0x390 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902]\n[ 57.202831] nfs_do_writepage+0x116/0x1e0 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902]\n[ 57.202849] nfs_writepages_callback+0x13/0x30 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902]\n[ 57.202866] write_cache_pages+0x265/0x450\n[ 57.202870] ? __pfx_nfs_writepages_callback+0x10/0x10 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902]\n[ 57.202891] nfs_writepages+0x141/0x230 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902]\n[ 57.202913] do_writepages+0xd2/0x230\n[ 57.202917] ? filemap_fdatawrite_wbc+0x5c/0x80\n[ 57.202921] filemap_fdatawrite_wbc+0x67/0x80\n[ 57.202924] filemap_write_and_wait_range+0xd9/0x170\n[ 57.202930] nfs_wb_all+0x49/0x180 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902]\n[ 57.202947] nfs4_file_flush+0x72/0xb0 [nfsv4 c716d88496ded0ea6d289bbea684fa996f9b57a9]\n[ 57.202969] __se_sys_close+0x46/0xd0\n[ 57.202972] do_syscall_64+0x68/0x100\n[ 57.202975] ? do_syscall_64+0x77/0x100\n[ 57.202976] ? do_syscall_64+0x77/0x100\n[ 57.202979] entry_SYSCALL_64_after_hwframe+0x6e/0x76\n[ 57.202982] RIP: 0033:0x7fe2b12e4a94\n[ 57.202985] Code: 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 80 3d d5 18 0e 00 00 74 13 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 44 c3 0f 1f 00 48 83 ec 18 89 7c 24 0c e8 c3\n[ 57.202987] RSP: 002b:00007ffe857ddb38 EFLAGS: 00000202 ORIG_RAX: 0000000000000003\n[ 57.202989] RAX: ffffffffffffffda RBX: 00007ffe857dfd68 RCX: 00007fe2b12e4a94\n[ 57.202991] RDX: 0000000000002000 RSI: 00007ffe857ddc40 RDI: 0000000000000003\n[ 57.202992] RBP: 00007ffe857dfc50 R08: 7fffffffffffffff R09: 0000000065650f49\n[ 57.202993] R10: 00007f\n---truncated---" + } + ], + "affected": [ + { + "product": "Linux", + "vendor": "Linux", + "defaultStatus": "unaffected", + "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", + "versions": [ + { + "version": "1da177e4c3f4", + "lessThan": "fece80a2a671", + "status": "affected", + "versionType": "git" + }, + { + "version": "1da177e4c3f4", + "lessThan": "7a96d85bf196", + "status": "affected", + "versionType": "git" + }, + { + "version": "1da177e4c3f4", + "lessThan": "c430e6bb4395", + "status": "affected", + "versionType": "git" + }, + { + "version": "1da177e4c3f4", + "lessThan": "f8cf4dabbdcb", + "status": "affected", + "versionType": "git" + }, + { + "version": "1da177e4c3f4", + "lessThan": "e8ca3e73301e", + "status": "affected", + "versionType": "git" + }, + { + "version": "1da177e4c3f4", + "lessThan": "69c7eeb4f622", + "status": "affected", + "versionType": "git" + }, + { + "version": "1da177e4c3f4", + "lessThan": "8f860c840747", + "status": "affected", + "versionType": "git" + }, + { + "version": "1da177e4c3f4", + "lessThan": "31b62908693c", + "status": "affected", + "versionType": "git" + } + ] + }, + { + "product": "Linux", + "vendor": "Linux", + "defaultStatus": "affected", + "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", + "versions": [ + { + "version": "4.19.307", + "lessThanOrEqual": "4.19.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.4.269", + "lessThanOrEqual": "5.4.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.10.210", + "lessThanOrEqual": "5.10.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "5.15.149", + "lessThanOrEqual": "5.15.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.1.77", + "lessThanOrEqual": "6.1.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.6.16", + "lessThanOrEqual": "6.6.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.7.4", + "lessThanOrEqual": "6.7.*", + "status": "unaffected", + "versionType": "custom" + }, + { + "version": "6.8", + "lessThanOrEqual": "*", + "status": "unaffected", + "versionType": "original_commit_for_fix" + } + ] + } + ], + "references": [ + { + "url": "https://git.kernel.org/stable/c/fece80a2a6718ed58487ce397285bb1b83a3e54e" + }, + { + "url": "https://git.kernel.org/stable/c/7a96d85bf196c170dcf1b47a82e9bb97cca69aa6" + }, + { + "url": "https://git.kernel.org/stable/c/c430e6bb43955c6bf573665fcebf31694925b9f7" + }, + { + "url": "https://git.kernel.org/stable/c/f8cf4dabbdcb8bef85335b0ed7ad5b25fd82ff56" + }, + { + "url": "https://git.kernel.org/stable/c/e8ca3e73301e23e8c0ac0ce2e6bac4545cd776e0" + }, + { + "url": "https://git.kernel.org/stable/c/69c7eeb4f622c2a28da965f970f982db171f3dc6" + }, + { + "url": "https://git.kernel.org/stable/c/8f860c8407470baff2beb9982ad6b172c94f1d0a" + }, + { + "url": "https://git.kernel.org/stable/c/31b62908693c90d4d07db597e685d9f25a120073" + } + ], + "title": "SUNRPC: Fix a suspicious RCU usage warning", + "x_generator": { + "engine": "bippy-b4257b672505" + } + } + }, + "cveMetadata": { + "assignerOrgId": "f4215fc3-5b6b-47ff-a258-f7189bd81038", + "cveID": "CVE-2023-52623", + "requesterUserId": "lee@kernel.org", + "serial": "1", + "state": "PUBLISHED" + }, + "dataType": "CVE_RECORD", + "dataVersion": "5.0" +} diff --git a/cve/published/2023/CVE-2023-52623.mbox b/cve/published/2023/CVE-2023-52623.mbox new file mode 100644 index 00000000..833f03d9 --- /dev/null +++ b/cve/published/2023/CVE-2023-52623.mbox @@ -0,0 +1,146 @@ +From bippy-b4257b672505 Mon Sep 17 00:00:00 2001 +From: Lee Jones <lee@kernel.org> +To: <linux-cve-announce@vger.kernel.org> +Reply-to: <cve@kernel.org>, <linux-kernel@vger.kernel.org> +Subject: CVE-2023-52623: SUNRPC: Fix a suspicious RCU usage warning +X-Developer-Signature: v=1; a=openpgp-sha256; l=6695; i=lee@kernel.org; + h=from:subject; bh=lRDhFpDBni+vP5xrlMslOl0nEvkmlyjArKtv24aPQkU=; + b=owEBbQKS/ZANAwAKAVGvii+H/HdhAcsmYgBmAwOjsPhrDK7MWG7M+Z9N0DuKYUj/wsVw779LX + UP9yM1ZidiJAjMEAAEKAB0WIQR2tsk1o74gmpTwh0hRr4ovh/x3YQUCZgMDowAKCRBRr4ovh/x3 + YQZID/9JC/Qc1Gvw/j9uRmrKnPPNinPwnRfjNzTtsn1wu9Lf6B0OPt0PI0M8UVOD/FOLjjkEdje + NvnqZvayNfZmKnOQHpKVU6dFZtgkHRfgKvjgYuQPWNAKrtkkVLxzkmDjSApRsTxoojM2xqxZp/c + sPfPDXpu1VBR9b9IueFwAYx+1HCKqcHHrPTkCVb0ahAtx/euhK1v1pDMq51KckvUkjxIBRLw7/z + YoI00b4o8S74onzou6zbakIF9sywh4jvJUFhl52oO2fVWyhRJEtHmnFKvGKgF1NvUYT2DpN7xHl + 9JZ72uuvaBh4Sv1SAjZa061EDJ4oFQAIY+8EioHaqCxmd1yXVlkzzpFAEPUQyMG2jPST/ySNLIc + 9UnbsJkKmoqPGIj4lf1ysOKv27+xlPrhvErbNf5wLhaz2aMRR6xz5KH5npY1uNQPKA6Vy0G1OL8 + i8YusumlBcKycD10eca/uy+qetAwcKxakhbglEQPIuphdmKQkiElA32wbTubcYmxbp1CXi57iso + v/bmRuTsc4455CkGhUZ5I0ejUKoWevV/D4FLaW/7PKLIQSeWgt4UD9feu7tAPHVR0SFbSa00TMx + AMX0go3hYW02kkeo9Meh68dvey8W1CaVMix6yUHE4QJNHLLN7FisM86iplugouVODjjq/eR5Bam + 3YNJxH9WVmJ4GFg== +X-Developer-Key: i=lee@kernel.org; a=openpgp; + fpr=76B6C935A3BE209A94F0874851AF8A2F87FC7761 + +Description +=========== + +In the Linux kernel, the following vulnerability has been resolved: + +SUNRPC: Fix a suspicious RCU usage warning + +I received the following warning while running cthon against an ontap +server running pNFS: + +[ 57.202521] ============================= +[ 57.202522] WARNING: suspicious RCU usage +[ 57.202523] 6.7.0-rc3-g2cc14f52aeb7 #41492 Not tainted +[ 57.202525] ----------------------------- +[ 57.202525] net/sunrpc/xprtmultipath.c:349 RCU-list traversed in non-reader section!! +[ 57.202527] + other info that might help us debug this: + +[ 57.202528] + rcu_scheduler_active = 2, debug_locks = 1 +[ 57.202529] no locks held by test5/3567. +[ 57.202530] + stack backtrace: +[ 57.202532] CPU: 0 PID: 3567 Comm: test5 Not tainted 6.7.0-rc3-g2cc14f52aeb7 #41492 5b09971b4965c0aceba19f3eea324a4a806e227e +[ 57.202534] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS unknown 2/2/2022 +[ 57.202536] Call Trace: +[ 57.202537] <TASK> +[ 57.202540] dump_stack_lvl+0x77/0xb0 +[ 57.202551] lockdep_rcu_suspicious+0x154/0x1a0 +[ 57.202556] rpc_xprt_switch_has_addr+0x17c/0x190 [sunrpc ebe02571b9a8ceebf7d98e71675af20c19bdb1f6] +[ 57.202596] rpc_clnt_setup_test_and_add_xprt+0x50/0x180 [sunrpc ebe02571b9a8ceebf7d98e71675af20c19bdb1f6] +[ 57.202621] ? rpc_clnt_add_xprt+0x254/0x300 [sunrpc ebe02571b9a8ceebf7d98e71675af20c19bdb1f6] +[ 57.202646] rpc_clnt_add_xprt+0x27a/0x300 [sunrpc ebe02571b9a8ceebf7d98e71675af20c19bdb1f6] +[ 57.202671] ? __pfx_rpc_clnt_setup_test_and_add_xprt+0x10/0x10 [sunrpc ebe02571b9a8ceebf7d98e71675af20c19bdb1f6] +[ 57.202696] nfs4_pnfs_ds_connect+0x345/0x760 [nfsv4 c716d88496ded0ea6d289bbea684fa996f9b57a9] +[ 57.202728] ? __pfx_nfs4_test_session_trunk+0x10/0x10 [nfsv4 c716d88496ded0ea6d289bbea684fa996f9b57a9] +[ 57.202754] nfs4_fl_prepare_ds+0x75/0xc0 [nfs_layout_nfsv41_files e3a4187f18ae8a27b630f9feae6831b584a9360a] +[ 57.202760] filelayout_write_pagelist+0x4a/0x200 [nfs_layout_nfsv41_files e3a4187f18ae8a27b630f9feae6831b584a9360a] +[ 57.202765] pnfs_generic_pg_writepages+0xbe/0x230 [nfsv4 c716d88496ded0ea6d289bbea684fa996f9b57a9] +[ 57.202788] __nfs_pageio_add_request+0x3fd/0x520 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902] +[ 57.202813] nfs_pageio_add_request+0x18b/0x390 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902] +[ 57.202831] nfs_do_writepage+0x116/0x1e0 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902] +[ 57.202849] nfs_writepages_callback+0x13/0x30 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902] +[ 57.202866] write_cache_pages+0x265/0x450 +[ 57.202870] ? __pfx_nfs_writepages_callback+0x10/0x10 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902] +[ 57.202891] nfs_writepages+0x141/0x230 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902] +[ 57.202913] do_writepages+0xd2/0x230 +[ 57.202917] ? filemap_fdatawrite_wbc+0x5c/0x80 +[ 57.202921] filemap_fdatawrite_wbc+0x67/0x80 +[ 57.202924] filemap_write_and_wait_range+0xd9/0x170 +[ 57.202930] nfs_wb_all+0x49/0x180 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902] +[ 57.202947] nfs4_file_flush+0x72/0xb0 [nfsv4 c716d88496ded0ea6d289bbea684fa996f9b57a9] +[ 57.202969] __se_sys_close+0x46/0xd0 +[ 57.202972] do_syscall_64+0x68/0x100 +[ 57.202975] ? do_syscall_64+0x77/0x100 +[ 57.202976] ? do_syscall_64+0x77/0x100 +[ 57.202979] entry_SYSCALL_64_after_hwframe+0x6e/0x76 +[ 57.202982] RIP: 0033:0x7fe2b12e4a94 +[ 57.202985] Code: 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 80 3d d5 18 0e 00 00 74 13 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 44 c3 0f 1f 00 48 83 ec 18 89 7c 24 0c e8 c3 +[ 57.202987] RSP: 002b:00007ffe857ddb38 EFLAGS: 00000202 ORIG_RAX: 0000000000000003 +[ 57.202989] RAX: ffffffffffffffda RBX: 00007ffe857dfd68 RCX: 00007fe2b12e4a94 +[ 57.202991] RDX: 0000000000002000 RSI: 00007ffe857ddc40 RDI: 0000000000000003 +[ 57.202992] RBP: 00007ffe857dfc50 R08: 7fffffffffffffff R09: 0000000065650f49 +[ 57.202993] R10: 00007fe2b11f8300 R11: 0000000000000202 R12: 0000000000000000 +[ 57.202994] R13: 00007ffe857dfd80 R14: 00007fe2b1445000 R15: 0000000000000000 +[ 57.202999] </TASK> + +The problem seems to be that two out of three callers aren't taking the +rcu_read_lock() before calling the list_for_each_entry_rcu() function in +rpc_xprt_switch_has_addr(). I fix this by having +rpc_xprt_switch_has_addr() unconditionaly take the rcu_read_lock(), +which is okay to do recursively in the case that the lock has already +been taken by a caller. + +The Linux kernel CVE team has assigned CVE-2023-52623 to this issue. + + +Affected and fixed versions +=========================== + + Fixed in 4.19.307 with commit fece80a2a671 + Fixed in 5.4.269 with commit 7a96d85bf196 + Fixed in 5.10.210 with commit c430e6bb4395 + Fixed in 5.15.149 with commit f8cf4dabbdcb + Fixed in 6.1.77 with commit e8ca3e73301e + Fixed in 6.6.16 with commit 69c7eeb4f622 + Fixed in 6.7.4 with commit 8f860c840747 + Fixed in 6.8 with commit 31b62908693c + +Please see https://www.kernel.org for a full list of currently supported +kernel versions by the kernel community. + +Unaffected versions might change over time as fixes are backported to +older supported kernel versions. The official CVE entry at + https://cve.org/CVERecord/?id=CVE-2023-52623 +will be updated if fixes are backported, please check that for the most +up to date information about this issue. + + +Affected files +============== + +The file(s) affected by this issue are: + net/sunrpc/xprtmultipath.c + + +Mitigation +========== + +The Linux kernel CVE team recommends that you update to the latest +stable kernel version for this, and many other bugfixes. Individual +changes are never tested alone, but rather are part of a larger kernel +release. Cherry-picking individual commits is not recommended or +supported by the Linux kernel community at all. If however, updating to +the latest release is impossible, the individual changes to resolve this +issue can be found at these commits: + https://git.kernel.org/stable/c/fece80a2a6718ed58487ce397285bb1b83a3e54e + https://git.kernel.org/stable/c/7a96d85bf196c170dcf1b47a82e9bb97cca69aa6 + https://git.kernel.org/stable/c/c430e6bb43955c6bf573665fcebf31694925b9f7 + https://git.kernel.org/stable/c/f8cf4dabbdcb8bef85335b0ed7ad5b25fd82ff56 + https://git.kernel.org/stable/c/e8ca3e73301e23e8c0ac0ce2e6bac4545cd776e0 + https://git.kernel.org/stable/c/69c7eeb4f622c2a28da965f970f982db171f3dc6 + https://git.kernel.org/stable/c/8f860c8407470baff2beb9982ad6b172c94f1d0a + https://git.kernel.org/stable/c/31b62908693c90d4d07db597e685d9f25a120073 diff --git a/cve/published/2023/CVE-2023-52623.sha1 b/cve/published/2023/CVE-2023-52623.sha1 new file mode 100644 index 00000000..b96d1495 --- /dev/null +++ b/cve/published/2023/CVE-2023-52623.sha1 @@ -0,0 +1 @@ +31b62908693c90d4d07db597e685d9f25a120073 |