| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <2025120945-CVE-2023-53815-5695@gregkh> Date: Tue, 9 Dec 2025 09:02:36 +0900 From: Greg Kroah-Hartman <gregkh@...uxfoundation.org> To: linux-cve-announce@...r.kernel.org Cc: Greg Kroah-Hartman <gregkh@...nel.org> Subject: CVE-2023-53815: posix-timers: Prevent RT livelock in itimer_delete() From: Greg Kroah-Hartman <gregkh@...nel.org> Description =========== In the Linux kernel, the following vulnerability has been resolved: posix-timers: Prevent RT livelock in itimer_delete() itimer_delete() has a retry loop when the timer is concurrently expired. On non-RT kernels this just spin-waits until the timer callback has completed, except for posix CPU timers which have HAVE_POSIX_CPU_TIMERS_TASK_WORK enabled. In that case and on RT kernels the existing task could live lock when preempting the task which does the timer delivery. Replace spin_unlock() with an invocation of timer_wait_running() to handle it the same way as the other retry loops in the posix timer code. The Linux kernel CVE team has assigned CVE-2023-53815 to this issue. Affected and fixed versions =========================== Issue introduced in 5.4 with commit ec8f954a40da8cd3d159713b608e901f0cd909a9 and fixed in 5.10.188 with commit f1be1ed32daa053484222f7f9beb2b16c624dffd Issue introduced in 5.4 with commit ec8f954a40da8cd3d159713b608e901f0cd909a9 and fixed in 5.15.121 with commit 0670c4c567b27bd8f999a943028f4fe60d1a1106 Issue introduced in 5.4 with commit ec8f954a40da8cd3d159713b608e901f0cd909a9 and fixed in 6.1.39 with commit e7aff15ba29ba4b3052786b1636fa5c4aa39e179 Issue introduced in 5.4 with commit ec8f954a40da8cd3d159713b608e901f0cd909a9 and fixed in 6.3.13 with commit f9bd298e3e4d3fd6e19f017789a42d0f332cd555 Issue introduced in 5.4 with commit ec8f954a40da8cd3d159713b608e901f0cd909a9 and fixed in 6.4.4 with commit c1968bb8a28625cc95d2ad3ca872ab98c9c36d59 Issue introduced in 5.4 with commit ec8f954a40da8cd3d159713b608e901f0cd909a9 and fixed in 6.5 with commit 9d9e522010eb5685d8b53e8a24320653d9d4cbbf Please see https://www.kernel.org for a full list of currently supported kernel versions by the kernel community. Unaffected versions might change over time as fixes are backported to older supported kernel versions. The official CVE entry at https://cve.org/CVERecord/?id=CVE-2023-53815 will be updated if fixes are backported, please check that for the most up to date information about this issue. Affected files ============== The file(s) affected by this issue are: kernel/time/posix-timers.c Mitigation ========== The Linux kernel CVE team recommends that you update to the latest stable kernel version for this, and many other bugfixes. Individual changes are never tested alone, but rather are part of a larger kernel release. Cherry-picking individual commits is not recommended or supported by the Linux kernel community at all. If however, updating to the latest release is impossible, the individual changes to resolve this issue can be found at these commits: https://git.kernel.org/stable/c/f1be1ed32daa053484222f7f9beb2b16c624dffd https://git.kernel.org/stable/c/0670c4c567b27bd8f999a943028f4fe60d1a1106 https://git.kernel.org/stable/c/e7aff15ba29ba4b3052786b1636fa5c4aa39e179 https://git.kernel.org/stable/c/f9bd298e3e4d3fd6e19f017789a42d0f332cd555 https://git.kernel.org/stable/c/c1968bb8a28625cc95d2ad3ca872ab98c9c36d59 https://git.kernel.org/stable/c/9d9e522010eb5685d8b53e8a24320653d9d4cbbf
Powered by blists - more mailing lists