CVE-2023-53712

Summary

In the Linux kernel, the following vulnerability has been resolved:

ARM: 9317/1: kexec: Make smp stop calls asynchronous

If a panic is triggered by a hrtimer interrupt all online cpus will be notified and set offline. But as highlighted by commit 19dbdcb8039c ("smp: Warn on function calls from softirq context") this call should not be made synchronous with disabled interrupts:

softdog: Initiating panic Kernel panic - not syncing: Software Watchdog Timer expired WARNING: CPU: 1 PID: 0 at kernel/smp.c:753 smp_call_function_many_cond unwind_backtrace: show_stack dump_stack_lvl __warn warn_slowpath_fmt smp_call_function_many_cond smp_call_function crash_smp_send_stop.part.0 machine_crash_shutdown __crash_kexec panic softdog_fire __hrtimer_run_queues hrtimer_interrupt

Make the smp call for machine_crash_nonpanic_core() asynchronous.

Affected Software

VendorProductVersion RangeStatus
LinuxLinuxb23065313297e750edd57ab6edfd36224826724e < 46870eea5496ff277e86187a49ac5a667cfe60c4affected
LinuxLinuxb23065313297e750edd57ab6edfd36224826724e < ee378f45a70d09b51373ba495d30d99ef12219c1affected
LinuxLinuxb23065313297e750edd57ab6edfd36224826724e < 5590ba4560eefbd19a4ed07c7e7c8e4c51ffc628affected
LinuxLinuxb23065313297e750edd57ab6edfd36224826724e < 8922ba71c969d2a0c01a94372a71477d879470deaffected
LinuxLinux2.6.38affected
LinuxLinux0 < 2.6.38unaffected
LinuxLinux5.15.133 <= 5.15.*unaffected
LinuxLinux6.1.55 <= 6.1.*unaffected
LinuxLinux6.5.5 <= 6.5.*unaffected
LinuxLinux6.6 <= *unaffected

Weaknesses

References