| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025032713-CVE-2023-53007-6ed4@gregkh> Date: Thu, 27 Mar 2025 17:43:54 +0100 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...uxfoundation.org> Subject: CVE-2023-53007: tracing: Make sure trace_printk() can output as soon as it can be used Description =========== In the Linux kernel, the following vulnerability has been resolved: tracing: Make sure trace_printk() can output as soon as it can be used Currently trace_printk() can be used as soon as early_trace_init() is called from start_kernel(). But if a crash happens, and "ftrace_dump_on_oops" is set on the kernel command line, all you get will be: [ 0.456075] <idle>-0 0dN.2. 347519us : Unknown type 6 [ 0.456075] <idle>-0 0dN.2. 353141us : Unknown type 6 [ 0.456075] <idle>-0 0dN.2. 358684us : Unknown type 6 This is because the trace_printk() event (type 6) hasn't been registered yet. That gets done via an early_initcall(), which may be early, but not early enough. Instead of registering the trace_printk() event (and other ftrace events, which are not trace events) via an early_initcall(), have them registered at the same time that trace_printk() can be used. This way, if there is a crash before early_initcall(), then the trace_printk()s will actually be useful. The Linux kernel CVE team has assigned CVE-2023-53007 to this issue. Affected and fixed versions =========================== Issue introduced in 4.12 with commit e725c731e3bb1e892e7b564c945b121cb41d1087 and fixed in 4.14.305 with commit f97eb0ab066133483a65c93eb894748de2f6b598 Issue introduced in 4.12 with commit e725c731e3bb1e892e7b564c945b121cb41d1087 and fixed in 4.19.272 with commit b94d7c7654356860dd7719120c7d15ba38b6162a Issue introduced in 4.12 with commit e725c731e3bb1e892e7b564c945b121cb41d1087 and fixed in 5.4.231 with commit 76b2390fdc80c0a8300e5da5b6b62d201b6fe9ce Issue introduced in 4.12 with commit e725c731e3bb1e892e7b564c945b121cb41d1087 and fixed in 5.10.166 with commit de3930a4883ddad2244efd6d349013294c62c75c Issue introduced in 4.12 with commit e725c731e3bb1e892e7b564c945b121cb41d1087 and fixed in 5.15.91 with commit b0af180514edea6c83dc9a299d9f383009c99f25 Issue introduced in 4.12 with commit e725c731e3bb1e892e7b564c945b121cb41d1087 and fixed in 6.1.9 with commit 198c83963f6335ca6d690cff067679560f2a3a22 Issue introduced in 4.12 with commit e725c731e3bb1e892e7b564c945b121cb41d1087 and fixed in 6.2 with commit 3bb06eb6e9acf7c4a3e1b5bc87aed398ff8e2253 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2023-53007 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: kernel/trace/trace.c kernel/trace/trace.h kernel/trace/trace_output.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/f97eb0ab066133483a65c93eb894748de2f6b598 https://git.kernel.org/stable/c/b94d7c7654356860dd7719120c7d15ba38b6162a https://git.kernel.org/stable/c/76b2390fdc80c0a8300e5da5b6b62d201b6fe9ce https://git.kernel.org/stable/c/de3930a4883ddad2244efd6d349013294c62c75c https://git.kernel.org/stable/c/b0af180514edea6c83dc9a299d9f383009c99f25 https://git.kernel.org/stable/c/198c83963f6335ca6d690cff067679560f2a3a22 https://git.kernel.org/stable/c/3bb06eb6e9acf7c4a3e1b5bc87aed398ff8e2253
Powered by blists - more mailing lists