GHSA-VR4H-F46Q-WPGF
Vulnerability from github – Published: 2025-12-09 18:30 – Updated: 2025-12-09 18:30In the Linux kernel, the following vulnerability has been resolved:
s390/idle: mark arch_cpu_idle() noinstr
linux-next commit ("cpuidle: tracing: Warn about !rcu_is_watching()") adds a new warning which hits on s390's arch_cpu_idle() function:
RCU not on for: arch_cpu_idle+0x0/0x28 WARNING: CPU: 2 PID: 0 at include/linux/trace_recursion.h:162 arch_ftrace_ops_list_func+0x24c/0x258 Modules linked in: CPU: 2 PID: 0 Comm: swapper/2 Not tainted 6.2.0-rc6-next-20230202 #4 Hardware name: IBM 8561 T01 703 (z/VM 7.3.0) Krnl PSW : 0404d00180000000 00000000002b55c0 (arch_ftrace_ops_list_func+0x250/0x258) R:0 T:1 IO:0 EX:0 Key:0 M:1 W:0 P:0 AS:3 CC:1 PM:0 RI:0 EA:3 Krnl GPRS: c0000000ffffbfff 0000000080000002 0000000000000026 0000000000000000 0000037ffffe3a28 0000037ffffe3a20 0000000000000000 0000000000000000 0000000000000000 0000000000f4acf6 00000000001044f0 0000037ffffe3cb0 0000000000000000 0000000000000000 00000000002b55bc 0000037ffffe3bb8 Krnl Code: 00000000002b55b0: c02000840051 larl %r2,0000000001335652 00000000002b55b6: c0e5fff512d1 brasl %r14,0000000000157b58 #00000000002b55bc: af000000 mc 0,0 >00000000002b55c0: a7f4ffe7 brc 15,00000000002b558e 00000000002b55c4: 0707 bcr 0,%r7 00000000002b55c6: 0707 bcr 0,%r7 00000000002b55c8: eb6ff0480024 stmg %r6,%r15,72(%r15) 00000000002b55ce: b90400ef lgr %r14,%r15 Call Trace: [<00000000002b55c0>] arch_ftrace_ops_list_func+0x250/0x258 ([<00000000002b55bc>] arch_ftrace_ops_list_func+0x24c/0x258) [<0000000000f5f0fc>] ftrace_common+0x1c/0x20 [<00000000001044f6>] arch_cpu_idle+0x6/0x28 [<0000000000f4acf6>] default_idle_call+0x76/0x128 [<00000000001cc374>] do_idle+0xf4/0x1b0 [<00000000001cc6ce>] cpu_startup_entry+0x36/0x40 [<0000000000119d00>] smp_start_secondary+0x140/0x150 [<0000000000f5d2ae>] restart_int_handler+0x6e/0x90
Mark arch_cpu_idle() noinstr like all other architectures with CONFIG_ARCH_WANTS_NO_INSTR (should) have it to fix this.
{
"affected": [],
"aliases": [
"CVE-2023-53859"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-09T16:17:26Z",
"severity": null
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\ns390/idle: mark arch_cpu_idle() noinstr\n\nlinux-next commit (\"cpuidle: tracing: Warn about !rcu_is_watching()\")\nadds a new warning which hits on s390\u0027s arch_cpu_idle() function:\n\nRCU not on for: arch_cpu_idle+0x0/0x28\nWARNING: CPU: 2 PID: 0 at include/linux/trace_recursion.h:162 arch_ftrace_ops_list_func+0x24c/0x258\nModules linked in:\nCPU: 2 PID: 0 Comm: swapper/2 Not tainted 6.2.0-rc6-next-20230202 #4\nHardware name: IBM 8561 T01 703 (z/VM 7.3.0)\nKrnl PSW : 0404d00180000000 00000000002b55c0 (arch_ftrace_ops_list_func+0x250/0x258)\n R:0 T:1 IO:0 EX:0 Key:0 M:1 W:0 P:0 AS:3 CC:1 PM:0 RI:0 EA:3\nKrnl GPRS: c0000000ffffbfff 0000000080000002 0000000000000026 0000000000000000\n 0000037ffffe3a28 0000037ffffe3a20 0000000000000000 0000000000000000\n 0000000000000000 0000000000f4acf6 00000000001044f0 0000037ffffe3cb0\n 0000000000000000 0000000000000000 00000000002b55bc 0000037ffffe3bb8\nKrnl Code: 00000000002b55b0: c02000840051 larl %r2,0000000001335652\n 00000000002b55b6: c0e5fff512d1 brasl %r14,0000000000157b58\n #00000000002b55bc: af000000 mc 0,0\n \u003e00000000002b55c0: a7f4ffe7 brc 15,00000000002b558e\n 00000000002b55c4: 0707 bcr 0,%r7\n 00000000002b55c6: 0707 bcr 0,%r7\n 00000000002b55c8: eb6ff0480024 stmg %r6,%r15,72(%r15)\n 00000000002b55ce: b90400ef lgr %r14,%r15\nCall Trace:\n [\u003c00000000002b55c0\u003e] arch_ftrace_ops_list_func+0x250/0x258\n([\u003c00000000002b55bc\u003e] arch_ftrace_ops_list_func+0x24c/0x258)\n [\u003c0000000000f5f0fc\u003e] ftrace_common+0x1c/0x20\n [\u003c00000000001044f6\u003e] arch_cpu_idle+0x6/0x28\n [\u003c0000000000f4acf6\u003e] default_idle_call+0x76/0x128\n [\u003c00000000001cc374\u003e] do_idle+0xf4/0x1b0\n [\u003c00000000001cc6ce\u003e] cpu_startup_entry+0x36/0x40\n [\u003c0000000000119d00\u003e] smp_start_secondary+0x140/0x150\n [\u003c0000000000f5d2ae\u003e] restart_int_handler+0x6e/0x90\n\nMark arch_cpu_idle() noinstr like all other architectures with\nCONFIG_ARCH_WANTS_NO_INSTR (should) have it to fix this.",
"id": "GHSA-vr4h-f46q-wpgf",
"modified": "2025-12-09T18:30:34Z",
"published": "2025-12-09T18:30:34Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53859"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/49aa49952116b8fd56bfb1e8c69bce179f49bece"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/611c390217106c46e24e1af3db83187339d447ea"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/a9cbc1b471d291c865907542394f1c483b93a811"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/fc60c4f12d8a056f20d8f4d0086a36c68ffa9fdc"
}
],
"schema_version": "1.4.0",
"severity": []
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.