cve-2023-52813
Vulnerability from cvelistv5
Published
2024-05-21 15:31
Modified
2024-11-04 14:53
Severity ?
Summary
crypto: pcrypt - Fix hungtask for PADATA_RESET
Impacted products
LinuxLinux
LinuxLinux
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-52813",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-23T17:18:51.048604Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:24:13.216Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T23:11:36.058Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/fb2d3a50a8f29a3c66682bb426144f40e32ab818"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/039fec48e062504f14845124a1a25eb199b2ddc0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c9c1334697301c10e6918d747ed38abfbc0c96e7"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e97bf4ada7dddacd184c3e196bd063b0dc71b41d"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/546c1796ad1ed0d87dab3c4b5156d75819be2316"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/c55fc098fd9d2dca475b82d00ffbcaf97879d77e"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/e134f3aba98e6c801a693f540912c2d493718ddf"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/372636debe852913529b1716f44addd94fff2d28"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/8f4f68e788c3a7a696546291258bfa5fdb215523"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "crypto/pcrypt.c",
            "kernel/padata.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "fb2d3a50a8f2",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "039fec48e062",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "c9c133469730",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "e97bf4ada7dd",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "546c1796ad1e",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "c55fc098fd9d",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "e134f3aba98e",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "372636debe85",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            },
            {
              "lessThan": "8f4f68e788c3",
              "status": "affected",
              "version": "1da177e4c3f4",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "crypto/pcrypt.c",
            "kernel/padata.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThanOrEqual": "4.14.*",
              "status": "unaffected",
              "version": "4.14.331",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "4.19.*",
              "status": "unaffected",
              "version": "4.19.300",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.4.*",
              "status": "unaffected",
              "version": "5.4.262",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.202",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.140",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.64",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.5.*",
              "status": "unaffected",
              "version": "6.5.13",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.3",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.7",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: pcrypt - Fix hungtask for PADATA_RESET\n\nWe found a hungtask bug in test_aead_vec_cfg as follows:\n\nINFO: task cryptomgr_test:391009 blocked for more than 120 seconds.\n\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\nCall trace:\n __switch_to+0x98/0xe0\n __schedule+0x6c4/0xf40\n schedule+0xd8/0x1b4\n schedule_timeout+0x474/0x560\n wait_for_common+0x368/0x4e0\n wait_for_completion+0x20/0x30\n wait_for_completion+0x20/0x30\n test_aead_vec_cfg+0xab4/0xd50\n test_aead+0x144/0x1f0\n alg_test_aead+0xd8/0x1e0\n alg_test+0x634/0x890\n cryptomgr_test+0x40/0x70\n kthread+0x1e0/0x220\n ret_from_fork+0x10/0x18\n Kernel panic - not syncing: hung_task: blocked tasks\n\nFor padata_do_parallel, when the return err is 0 or -EBUSY, it will call\nwait_for_completion(\u0026wait-\u003ecompletion) in test_aead_vec_cfg. In normal\ncase, aead_request_complete() will be called in pcrypt_aead_serial and the\nreturn err is 0 for padata_do_parallel. But, when pinst-\u003eflags is\nPADATA_RESET, the return err is -EBUSY for padata_do_parallel, and it\nwon\u0027t call aead_request_complete(). Therefore, test_aead_vec_cfg will\nhung at wait_for_completion(\u0026wait-\u003ecompletion), which will cause\nhungtask.\n\nThe problem comes as following:\n(padata_do_parallel)                 |\n    rcu_read_lock_bh();              |\n    err = -EINVAL;                   |   (padata_replace)\n                                     |     pinst-\u003eflags |= PADATA_RESET;\n    err = -EBUSY                     |\n    if (pinst-\u003eflags \u0026 PADATA_RESET) |\n        rcu_read_unlock_bh()         |\n        return err\n\nIn order to resolve the problem, we replace the return err -EBUSY with\n-EAGAIN, which means parallel_data is changing, and the caller should call\nit again.\n\nv3:\nremove retry and just change the return err.\nv2:\nintroduce padata_try_do_parallel() in pcrypt_aead_encrypt and\npcrypt_aead_decrypt to solve the hungtask."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-04T14:53:12.866Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/fb2d3a50a8f29a3c66682bb426144f40e32ab818"
        },
        {
          "url": "https://git.kernel.org/stable/c/039fec48e062504f14845124a1a25eb199b2ddc0"
        },
        {
          "url": "https://git.kernel.org/stable/c/c9c1334697301c10e6918d747ed38abfbc0c96e7"
        },
        {
          "url": "https://git.kernel.org/stable/c/e97bf4ada7dddacd184c3e196bd063b0dc71b41d"
        },
        {
          "url": "https://git.kernel.org/stable/c/546c1796ad1ed0d87dab3c4b5156d75819be2316"
        },
        {
          "url": "https://git.kernel.org/stable/c/c55fc098fd9d2dca475b82d00ffbcaf97879d77e"
        },
        {
          "url": "https://git.kernel.org/stable/c/e134f3aba98e6c801a693f540912c2d493718ddf"
        },
        {
          "url": "https://git.kernel.org/stable/c/372636debe852913529b1716f44addd94fff2d28"
        },
        {
          "url": "https://git.kernel.org/stable/c/8f4f68e788c3a7a696546291258bfa5fdb215523"
        }
      ],
      "title": "crypto: pcrypt - Fix hungtask for PADATA_RESET",
      "x_generator": {
        "engine": "bippy-9e1c9544281a"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2023-52813",
    "datePublished": "2024-05-21T15:31:21.604Z",
    "dateReserved": "2024-05-21T15:19:24.248Z",
    "dateUpdated": "2024-11-04T14:53:12.866Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2023-52813\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-05-21T16:15:19.477\",\"lastModified\":\"2024-05-21T16:53:56.550\",\"vulnStatus\":\"Awaiting Analysis\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\ncrypto: pcrypt - Fix hungtask for PADATA_RESET\\n\\nWe found a hungtask bug in test_aead_vec_cfg as follows:\\n\\nINFO: task cryptomgr_test:391009 blocked for more than 120 seconds.\\n\\\"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\\\" disables this message.\\nCall trace:\\n __switch_to+0x98/0xe0\\n __schedule+0x6c4/0xf40\\n schedule+0xd8/0x1b4\\n schedule_timeout+0x474/0x560\\n wait_for_common+0x368/0x4e0\\n wait_for_completion+0x20/0x30\\n wait_for_completion+0x20/0x30\\n test_aead_vec_cfg+0xab4/0xd50\\n test_aead+0x144/0x1f0\\n alg_test_aead+0xd8/0x1e0\\n alg_test+0x634/0x890\\n cryptomgr_test+0x40/0x70\\n kthread+0x1e0/0x220\\n ret_from_fork+0x10/0x18\\n Kernel panic - not syncing: hung_task: blocked tasks\\n\\nFor padata_do_parallel, when the return err is 0 or -EBUSY, it will call\\nwait_for_completion(\u0026wait-\u003ecompletion) in test_aead_vec_cfg. In normal\\ncase, aead_request_complete() will be called in pcrypt_aead_serial and the\\nreturn err is 0 for padata_do_parallel. But, when pinst-\u003eflags is\\nPADATA_RESET, the return err is -EBUSY for padata_do_parallel, and it\\nwon\u0027t call aead_request_complete(). Therefore, test_aead_vec_cfg will\\nhung at wait_for_completion(\u0026wait-\u003ecompletion), which will cause\\nhungtask.\\n\\nThe problem comes as following:\\n(padata_do_parallel)                 |\\n    rcu_read_lock_bh();              |\\n    err = -EINVAL;                   |   (padata_replace)\\n                                     |     pinst-\u003eflags |= PADATA_RESET;\\n    err = -EBUSY                     |\\n    if (pinst-\u003eflags \u0026 PADATA_RESET) |\\n        rcu_read_unlock_bh()         |\\n        return err\\n\\nIn order to resolve the problem, we replace the return err -EBUSY with\\n-EAGAIN, which means parallel_data is changing, and the caller should call\\nit again.\\n\\nv3:\\nremove retry and just change the return err.\\nv2:\\nintroduce padata_try_do_parallel() in pcrypt_aead_encrypt and\\npcrypt_aead_decrypt to solve the hungtask.\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: crypto: pcrypt - Reparar hungtask para PADATA_RESET. Encontramos un error de hungtask en test_aead_vec_cfg de la siguiente manera: INFORMACI\u00d3N: tarea cryptomgr_test:391009 bloqueada durante m\u00e1s de 120 segundos. \\\"echo 0 \u0026gt; /proc/sys/kernel/hung_task_timeout_secs\\\" desactiva este mensaje. Seguimiento de llamadas: __switch_to+0x98/0xe0 __schedule+0x6c4/0xf40 Schedule+0xd8/0x1b4 Schedule_timeout+0x474/0x560 wait_for_common+0x368/0x4e0 wait_for_completion+0x20/0x30 wait_for_completion+0x20/0x30 test_aead_ve c_cfg+0xab4/0xd50 test_aead+0x144/0x1f0 alg_test_aead+ 0xd8/0x1e0 alg_test+0x634/0x890 cryptomgr_test+0x40/0x70 kthread+0x1e0/0x220 ret_from_fork+0x10/0x18 kernel panic - no syncing: hung_task: tareas bloqueadas para el error for_completion (\u0026amp;esperar-\u0026gt;finalizaci\u00f3n) en test_aead_vec_cfg. En caso normal, se llamar\u00e1 aead_request_complete() en pcrypt_aead_serial y el error de retorno es 0 para padata_do_parallel. Pero, cuando pinst-\u0026gt;flags es PADATA_RESET, el error de retorno es -EBUSY para padata_do_parallel y no llamar\u00e1 a aead_request_complete(). Por lo tanto, test_aead_vec_cfg se colgar\u00e1 en wait_for_completion(\u0026amp;wait-\u0026gt;completion), lo que provocar\u00e1 que se cuelgue la tarea. El problema viene de la siguiente manera: (padata_do_parallel) | rcu_read_lock_bh(); | err = -EINVAL; | (padata_replace) | pinst-\u0026gt;flags |= PADATA_RESET; err = -EBUSY | si (pinst-\u0026gt;flags \u0026amp; PADATA_RESET) | rcu_read_unlock_bh() | return err Para resolver el problema, reemplazamos el retorno err -EBUSY con -EAGAIN, lo que significa que los datos_paralelos est\u00e1n cambiando y la persona que llama debe llamarlo nuevamente. v3: elimine el reintento y simplemente cambie el error de devoluci\u00f3n. v2: introduce padata_try_do_parallel() en pcrypt_aead_encrypt y pcrypt_aead_decrypt para resolver la tarea colgada.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/039fec48e062504f14845124a1a25eb199b2ddc0\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/372636debe852913529b1716f44addd94fff2d28\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/546c1796ad1ed0d87dab3c4b5156d75819be2316\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/8f4f68e788c3a7a696546291258bfa5fdb215523\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/c55fc098fd9d2dca475b82d00ffbcaf97879d77e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/c9c1334697301c10e6918d747ed38abfbc0c96e7\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/e134f3aba98e6c801a693f540912c2d493718ddf\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/e97bf4ada7dddacd184c3e196bd063b0dc71b41d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/fb2d3a50a8f29a3c66682bb426144f40e32ab818\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...
  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.