CVE-2023-53622

Summary

In the Linux kernel, the following vulnerability has been resolved:

gfs2: Fix possible data races in gfs2_show_options()

Some fields such as gt_logd_secs of the struct gfs2_tune are accessed without holding the lock gt_spin in gfs2_show_options():

val = sdp->sd_tune.gt_logd_secs; if (val != 30) seq_printf(s, ",commit=%d", val);

And thus can cause data races when gfs2_show_options() and other functions such as gfs2_reconfigure() are concurrently executed:

spin_lock(&gt->gt_spin); gt->gt_logd_secs = newargs->ar_commit;

To fix these possible data races, the lock sdp->sd_tune.gt_spin is acquired before accessing the fields of gfs2_tune and released after these accesses.

Further changes by Andreas:

  • Don't hold the spin lock over the seq_printf operations.

Affected Software

VendorProductVersion RangeStatus
LinuxLinux48c2b613616235d7c97fda5982f50100a6c79166 < 7e5bbeb7eb813bb2568e1d5d02587df943272e57affected
LinuxLinux48c2b613616235d7c97fda5982f50100a6c79166 < 235a5ae73cea29109a3e06f100493f17857e6a93affected
LinuxLinux48c2b613616235d7c97fda5982f50100a6c79166 < b4a7ab57effbed42624842f2ab2a49b177c21a47affected
LinuxLinux48c2b613616235d7c97fda5982f50100a6c79166 < 7c5b2649f6a37d45bfb7abf34c9b71d08677139faffected
LinuxLinux48c2b613616235d7c97fda5982f50100a6c79166 < 85e888150075cb221270b64bf772341fc6bd11d9affected
LinuxLinux48c2b613616235d7c97fda5982f50100a6c79166 < a4f71523ed2123d63b431cc0cea4e9f363a0f054affected
LinuxLinux48c2b613616235d7c97fda5982f50100a6c79166 < 42077d4de49e4d9c773c97c42d5383b4899a8f9daffected
LinuxLinux48c2b613616235d7c97fda5982f50100a6c79166 < 6fa0a72cbbe45db4ed967a51f9e6f4e3afe61d20affected
LinuxLinux2.6.31affected
LinuxLinux0 < 2.6.31unaffected
LinuxLinux4.14.324 <= 4.14.*unaffected
LinuxLinux4.19.293 <= 4.19.*unaffected
LinuxLinux5.4.255 <= 5.4.*unaffected
LinuxLinux5.10.192 <= 5.10.*unaffected
LinuxLinux5.15.128 <= 5.15.*unaffected
LinuxLinux6.1.47 <= 6.1.*unaffected
LinuxLinux6.4.12 <= 6.4.*unaffected
LinuxLinux6.5 <= *unaffected

Weaknesses

References