CVE-2023-54088

Summary

In the Linux kernel, the following vulnerability has been resolved:

blk-cgroup: hold queue_lock when removing blkg->q_node

When blkg is removed from q->blkg_list from blkg_free_workfn(), queue_lock has to be held, otherwise, all kinds of bugs(list corruption, hard lockup, ..) can be triggered from blkg_destroy_all().

Affected Software

VendorProductVersion RangeStatus
LinuxLinux81c1188905f88b77743d1fdeeedfc8cb7b67787d < b5dae1cd0d8368b4338430ff93403df67f0b8bccaffected
LinuxLinuxbfe46d2efe46c5c952f982e2ca94fe2ec5e58e2a < 083b58373463a6e5ee60ecb135269348f68ad7dfaffected
LinuxLinuxf1c006f1c6850c14040f8337753a63119bba39b9 < cd4ffdf56791eec95af01f06bee1ec7665ca75c4affected
LinuxLinuxf1c006f1c6850c14040f8337753a63119bba39b9 < c164c7bc9775be7bcc68754bb3431fce5823822eaffected
LinuxLinux6.1.16 < 6.1.17affected
LinuxLinux6.2.3 < 6.2.4affected
LinuxLinux6.3affected
LinuxLinux0 < 6.3unaffected
LinuxLinux6.1.17 <= 6.1.*unaffected
LinuxLinux6.2.4 <= 6.2.*unaffected
LinuxLinux6.4.12 <= 6.4.*unaffected
LinuxLinux6.5 <= *unaffected

Weaknesses

References