| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025100434-CVE-2023-53614-bf24@gregkh> Date: Sat, 4 Oct 2025 17:52:08 +0200 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2023-53614: mm/ksm: fix race with VMA iteration and mm_struct teardown From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: mm/ksm: fix race with VMA iteration and mm_struct teardown exit_mmap() will tear down the VMAs and maple tree with the mmap_lock held in write mode. Ensure that the maple tree is still valid by checking ksm_test_exit() after taking the mmap_lock in read mode, but before the for_each_vma() iterator dereferences a destroyed maple tree. Since the maple tree is destroyed, the flags telling lockdep to check an external lock has been cleared. Skip the for_each_vma() iterator to avoid dereferencing a maple tree without the external lock flag, which would create a lockdep warning. The Linux kernel CVE team has assigned CVE-2023-53614 to this issue. Affected and fixed versions =========================== Issue introduced in 6.1 with commit a5f18ba0727656bd1fe3bcdb0d563f81790f9a04 and fixed in 6.1.22 with commit 286b0cab31bac29960e5684f6fb331d42f03b363 Issue introduced in 6.1 with commit a5f18ba0727656bd1fe3bcdb0d563f81790f9a04 and fixed in 6.2.9 with commit b4f664ffd8f78c05a1fd542a28bc5a11e994c014 Issue introduced in 6.1 with commit a5f18ba0727656bd1fe3bcdb0d563f81790f9a04 and fixed in 6.3 with commit 6db504ce55bdbc575723938fc480713c9183f6a2 Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2023-53614 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: mm/ksm.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/286b0cab31bac29960e5684f6fb331d42f03b363 https://git.kernel.org/stable/c/b4f664ffd8f78c05a1fd542a28bc5a11e994c014 https://git.kernel.org/stable/c/6db504ce55bdbc575723938fc480713c9183f6a2
Powered by blists - more mailing lists