CVE-2023-53007

Summary

In the Linux kernel, the following vulnerability has been resolved:

tracing: Make sure trace_printk() can output as soon as it can be used

Currently trace_printk() can be used as soon as early_trace_init() is called from start_kernel(). But if a crash happens, and "ftrace_dump_on_oops" is set on the kernel command line, all you get will be:

[ 0.456075] <idle>-0 0dN.2. 347519us : Unknown type 6 [ 0.456075] <idle>-0 0dN.2. 353141us : Unknown type 6 [ 0.456075] <idle>-0 0dN.2. 358684us : Unknown type 6

This is because the trace_printk() event (type 6) hasn't been registered yet. That gets done via an early_initcall(), which may be early, but not early enough.

Instead of registering the trace_printk() event (and other ftrace events, which are not trace events) via an early_initcall(), have them registered at the same time that trace_printk() can be used. This way, if there is a crash before early_initcall(), then the trace_printk()s will actually be useful.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxe725c731e3bb1e892e7b564c945b121cb41d1087 < f97eb0ab066133483a65c93eb894748de2f6b598affected
LinuxLinuxe725c731e3bb1e892e7b564c945b121cb41d1087 < b94d7c7654356860dd7719120c7d15ba38b6162aaffected
LinuxLinuxe725c731e3bb1e892e7b564c945b121cb41d1087 < 76b2390fdc80c0a8300e5da5b6b62d201b6fe9ceaffected
LinuxLinuxe725c731e3bb1e892e7b564c945b121cb41d1087 < de3930a4883ddad2244efd6d349013294c62c75caffected
LinuxLinuxe725c731e3bb1e892e7b564c945b121cb41d1087 < b0af180514edea6c83dc9a299d9f383009c99f25affected
LinuxLinuxe725c731e3bb1e892e7b564c945b121cb41d1087 < 198c83963f6335ca6d690cff067679560f2a3a22affected
LinuxLinuxe725c731e3bb1e892e7b564c945b121cb41d1087 < 3bb06eb6e9acf7c4a3e1b5bc87aed398ff8e2253affected
LinuxLinux4.12affected
LinuxLinux0 < 4.12unaffected
LinuxLinux4.14.305 <= 4.14.*unaffected
LinuxLinux4.19.272 <= 4.19.*unaffected
LinuxLinux5.4.231 <= 5.4.*unaffected
LinuxLinux5.10.166 <= 5.10.*unaffected
LinuxLinux5.15.91 <= 5.15.*unaffected
LinuxLinux6.1.9 <= 6.1.*unaffected
LinuxLinux6.2 <= *unaffected

Weaknesses

References