CVE-2023-53029

27.03.2025, 17:15

In the Linux kernel, the following vulnerability has been resolved:

octeontx2-pf: Fix the use of GFP_KERNEL in atomic context on rt

The commit 4af1b64f80fb ("octeontx2-pf: Fix lmtst ID used in aura
free") uses the get/put_cpu() to protect the usage of percpu pointer
in ->aura_freeptr() callback, but it also unnecessarily disable the
preemption for the blockable memory allocation. The commit 87b93b678e95
("octeontx2-pf: Avoid use of GFP_KERNEL in atomic context") tried to
fix these sleep inside atomic warnings. But it only fix the one for
the non-rt kernel. For the rt kernel, we still get the similar warnings
like below.
  BUG: sleeping function called from invalid context at kernel/locking/spinlock_rt.c:46
  in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 1, name: swapper/0
  preempt_count: 1, expected: 0
  RCU nest depth: 0, expected: 0
  3 locks held by swapper/0/1:
   #0: ffff800009fc5fe8 (rtnl_mutex){+.+.}-{3:3}, at: rtnl_lock+0x24/0x30
   #1: ffff000100c276c0 (&mbox->lock){+.+.}-{3:3}, at: otx2_init_hw_resources+0x8c/0x3a4
   #2: ffffffbfef6537e0 (&cpu_rcache->lock){+.+.}-{2:2}, at: alloc_iova_fast+0x1ac/0x2ac
  Preemption disabled at:
  [<ffff800008b1908c>] otx2_rq_aura_pool_init+0x14c/0x284
  CPU: 20 PID: 1 Comm: swapper/0 Tainted: G        W          6.2.0-rc3-rt1-yocto-preempt-rt #1
  Hardware name: Marvell OcteonTX CN96XX board (DT)
  Call trace:
   dump_backtrace.part.0+0xe8/0xf4
   show_stack+0x20/0x30
   dump_stack_lvl+0x9c/0xd8
   dump_stack+0x18/0x34
   __might_resched+0x188/0x224
   rt_spin_lock+0x64/0x110
   alloc_iova_fast+0x1ac/0x2ac
   iommu_dma_alloc_iova+0xd4/0x110
   __iommu_dma_map+0x80/0x144
   iommu_dma_map_page+0xe8/0x260
   dma_map_page_attrs+0xb4/0xc0
   __otx2_alloc_rbuf+0x90/0x150
   otx2_rq_aura_pool_init+0x1c8/0x284
   otx2_init_hw_resources+0xe4/0x3a4
   otx2_open+0xf0/0x610
   __dev_open+0x104/0x224
   __dev_change_flags+0x1e4/0x274
   dev_change_flags+0x2c/0x7c
   ic_open_devs+0x124/0x2f8
   ip_auto_config+0x180/0x42c
   do_one_initcall+0x90/0x4dc
   do_basic_setup+0x10c/0x14c
   kernel_init_freeable+0x10c/0x13c
   kernel_init+0x2c/0x140
   ret_from_fork+0x10/0x20

Of course, we can shuffle the get/put_cpu() to only wrap the invocation
of ->aura_freeptr() as what commit 87b93b678e95 does. But there are only
two ->aura_freeptr() callbacks, otx2_aura_freeptr() and
cn10k_aura_freeptr(). There is no usage of perpcu variable in the
otx2_aura_freeptr() at all, so the get/put_cpu() seems redundant to it.
We can move the get/put_cpu() into the corresponding callback which
really has the percpu variable usage and avoid the sprinkling of
get/put_cpu() in several places.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	UNKNOWN				---
Linux	CNA	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 4%

Debian Releases

Debian Product

Codename

linux

bullseye	5.10.223-1 not-affected
bullseye (security)	5.10.234-1 fixed
bookworm	6.1.129-1 fixed
bookworm (security)	6.1.128-1 fixed
trixie	6.12.19-1 fixed
sid	6.12.20-1 fixed

Ubuntu Releases

Ubuntu Product

Codename

linux

oracular	needs-triage
noble	needs-triage
jammy	needs-triage
focal	needs-triage
bionic	needs-triage
xenial	needs-triage
trusty	needs-triage

linux-allwinner-5.19

oracular	dne
noble	dne
jammy	ignored
focal	dne

linux-aws

oracular	needs-triage
noble	needs-triage
jammy	needs-triage
focal	needs-triage
bionic	needs-triage
xenial	needs-triage
trusty	needs-triage

linux-aws-5.0

oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	ignored

linux-aws-5.11

oracular	dne
noble	dne
jammy	dne
focal	ignored

linux-aws-5.13

oracular	dne
noble	dne
jammy	dne
focal	ignored

linux-aws-5.15

oracular	dne
noble	dne
jammy	dne
focal	needs-triage

linux-aws-5.19

oracular	dne
noble	dne
jammy	ignored
focal	dne

linux-aws-5.3

oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	ignored

linux-aws-5.4

oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	needs-triage

linux-aws-5.8

oracular	dne
noble	dne
jammy	dne
focal	ignored

linux-aws-6.2

oracular	dne
noble	dne
jammy	ignored
focal	dne

linux-aws-6.5

oracular	dne
noble	dne
jammy	ignored
focal	dne

linux-aws-6.8

oracular	dne
noble	dne
jammy	needs-triage
focal	dne

linux-aws-fips

oracular	dne
noble	dne
jammy	needs-triage
focal	needs-triage
bionic	needs-triage

linux-aws-hwe

oracular	dne
noble	dne
jammy	dne
focal	dne
xenial	needs-triage

linux-azure

oracular	needs-triage
noble	needs-triage
jammy	needs-triage
focal	needs-triage
bionic	ignored
xenial	needs-triage
trusty	needs-triage

linux-azure-4.15

oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	needs-triage

linux-azure-5.11

oracular	dne
noble	dne
jammy	dne
focal	ignored

linux-azure-5.13

oracular	dne
noble	dne
jammy	dne
focal	ignored

linux-azure-5.15

oracular	dne
noble	dne
jammy	dne
focal	needs-triage

linux-azure-5.19

oracular	dne
noble	dne
jammy	ignored
focal	dne

linux-azure-5.3

oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	ignored

linux-azure-5.4

oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	needs-triage

linux-azure-5.8

oracular	dne
noble	dne
jammy	dne
focal	ignored

linux-azure-6.2

oracular	dne
noble	dne
jammy	ignored
focal	dne

linux-azure-6.5

oracular	dne
noble	dne
jammy	ignored
focal	dne

linux-azure-6.8

oracular	dne
noble	dne
jammy	needs-triage
focal	dne

linux-azure-edge

oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	ignored

linux-azure-fde

oracular	dne
noble	dne
jammy	needs-triage
focal	ignored

linux-azure-fde-5.15

oracular	dne
noble	dne
jammy	dne
focal	needs-triage

linux-azure-fde-5.19

oracular	dne
noble	dne
jammy	ignored
focal	dne

linux-azure-fde-6.2

oracular	dne
noble	dne
jammy	ignored
focal	dne

linux-azure-fips

oracular	dne
noble	dne
jammy	needs-triage
focal	needs-triage
bionic	needs-triage

linux-bluefield

oracular	dne
noble	dne
jammy	dne
focal	needs-triage

linux-fips

oracular	dne
noble	dne
jammy	needs-triage
focal	needs-triage
bionic	needs-triage
xenial	needs-triage

linux-gcp

oracular	needs-triage
noble	needs-triage
jammy	needs-triage
focal	needs-triage
bionic	ignored
xenial	needs-triage

linux-gcp-4.15

oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	needs-triage

linux-gcp-5.11

oracular	dne
noble	dne
jammy	dne
focal	ignored

linux-gcp-5.13

oracular	dne
noble	dne
jammy	dne
focal	ignored

linux-gcp-5.15

oracular	dne
noble	dne
jammy	dne
focal	needs-triage

linux-gcp-5.19

oracular	dne
noble	dne
jammy	ignored
focal	dne

linux-gcp-5.3

oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	ignored

linux-gcp-5.4

oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	needs-triage

linux-gcp-5.8

oracular	dne
noble	dne
jammy	dne
focal	ignored

linux-gcp-6.2

oracular	dne
noble	dne
jammy	ignored
focal	dne

linux-gcp-6.5

oracular	dne
noble	dne
jammy	ignored
focal	dne

linux-gcp-6.8

oracular	dne
noble	dne
jammy	needs-triage
focal	dne

linux-gcp-fips

oracular	dne
noble	dne
jammy	needs-triage
focal	needs-triage
bionic	needs-triage

linux-gke

oracular	dne
noble	needs-triage
jammy	needs-triage
focal	ignored

linux-gke-4.15

oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	ignored

linux-gke-5.15

oracular	dne
noble	dne
jammy	dne
focal	ignored

linux-gke-5.4

oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	ignored

linux-gkeop

oracular	dne
noble	needs-triage
jammy	needs-triage
focal	ignored

linux-gkeop-5.15

oracular	dne
noble	dne
jammy	dne
focal	ignored

linux-gkeop-5.4

oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	ignored

linux-hwe

oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	ignored
xenial	needs-triage

linux-hwe-5.11

oracular	dne
noble	dne
jammy	dne
focal	ignored

linux-hwe-5.13

oracular	dne
noble	dne
jammy	dne
focal	ignored

linux-hwe-5.15

oracular	dne
noble	dne
jammy	dne
focal	needs-triage

linux-hwe-5.19

oracular	dne
noble	dne
jammy	ignored
focal	dne

linux-hwe-5.4

oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	needs-triage

linux-hwe-5.8

oracular	dne
noble	dne
jammy	dne
focal	ignored

linux-hwe-6.11

oracular	dne
noble	needs-triage
jammy	dne
focal	dne

linux-hwe-6.2

oracular	dne
noble	dne
jammy	ignored
focal	dne

linux-hwe-6.5

oracular	dne
noble	dne
jammy	ignored
focal	dne

linux-hwe-6.8

oracular	dne
noble	dne
jammy	needs-triage
focal	dne

linux-hwe-edge

oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	ignored
xenial	ignored

linux-ibm

oracular	dne
noble	needs-triage
jammy	needs-triage
focal	needs-triage

linux-ibm-5.15

oracular	dne
noble	dne
jammy	dne
focal	needs-triage

linux-ibm-5.4

oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	needs-triage

linux-intel-5.13

oracular	dne
noble	dne
jammy	dne
focal	ignored

linux-intel-iot-realtime

oracular	dne
noble	dne
jammy	needs-triage
focal	dne

linux-intel-iotg

oracular	dne
noble	dne
jammy	needs-triage
focal	dne

linux-intel-iotg-5.15

oracular	dne
noble	dne
jammy	dne
focal	needs-triage

linux-iot

oracular	dne
noble	dne
jammy	dne
focal	needs-triage

linux-kvm

oracular	dne
noble	dne
jammy	needs-triage
focal	needs-triage
bionic	needs-triage
xenial	needs-triage

linux-lowlatency

oracular	needs-triage
noble	needs-triage
jammy	needs-triage
focal	dne

linux-lowlatency-hwe-5.15

oracular	dne
noble	dne
jammy	dne
focal	needs-triage

linux-lowlatency-hwe-5.19

oracular	dne
noble	dne
jammy	ignored
focal	dne

linux-lowlatency-hwe-6.11

oracular	dne
noble	needs-triage
jammy	dne
focal	dne

linux-lowlatency-hwe-6.2

oracular	dne
noble	dne
jammy	ignored
focal	dne

linux-lowlatency-hwe-6.5

oracular	dne
noble	dne
jammy	ignored
focal	dne

linux-lowlatency-hwe-6.8

oracular	dne
noble	dne
jammy	needs-triage
focal	dne

linux-lts-xenial

oracular	dne
noble	dne
jammy	dne
focal	dne
trusty	needs-triage

linux-nvidia

oracular	dne
noble	needs-triage
jammy	needs-triage
focal	dne

linux-nvidia-6.2

oracular	dne
noble	dne
jammy	ignored
focal	dne

linux-nvidia-6.5

oracular	dne
noble	dne
jammy	ignored
focal	dne

linux-nvidia-6.8

oracular	dne
noble	dne
jammy	needs-triage
focal	dne

linux-nvidia-lowlatency

oracular	dne
noble	needs-triage
jammy	dne
focal	dne

linux-nvidia-tegra

oracular	dne
noble	needs-triage
jammy	needs-triage
focal	dne

linux-nvidia-tegra-igx

oracular	dne
noble	dne
jammy	needs-triage
focal	dne

linux-oem

oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	ignored

linux-oem-5.10

oracular	dne
noble	dne
jammy	dne
focal	ignored

linux-oem-5.13

oracular	dne
noble	dne
jammy	dne
focal	ignored

linux-oem-5.14

oracular	dne
noble	dne
jammy	dne
focal	ignored

linux-oem-5.17

oracular	dne
noble	dne
jammy	ignored
focal	dne

linux-oem-5.6

oracular	dne
noble	dne
jammy	dne
focal	ignored

linux-oem-6.0

oracular	dne
noble	dne
jammy	ignored
focal	dne

linux-oem-6.1

oracular	dne
noble	dne
jammy	ignored
focal	dne

linux-oem-6.11

oracular	dne
noble	needs-triage
jammy	dne
focal	dne

linux-oem-6.5

oracular	dne
noble	dne
jammy	ignored
focal	dne

linux-oem-6.8

oracular	dne
noble	needs-triage
jammy	dne
focal	dne

linux-oracle

oracular	needs-triage
noble	needs-triage
jammy	needs-triage
focal	needs-triage
bionic	needs-triage
xenial	needs-triage

linux-oracle-5.0

oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	ignored

linux-oracle-5.11

oracular	dne
noble	dne
jammy	dne
focal	ignored

linux-oracle-5.13

oracular	dne
noble	dne
jammy	dne
focal	ignored

linux-oracle-5.15

oracular	dne
noble	dne
jammy	dne
focal	needs-triage

linux-oracle-5.3

oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	ignored

linux-oracle-5.4

oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	needs-triage

linux-oracle-5.8

oracular	dne
noble	dne
jammy	dne
focal	ignored

linux-oracle-6.5

oracular	dne
noble	dne
jammy	ignored
focal	dne

linux-oracle-6.8

oracular	dne
noble	dne
jammy	needs-triage
focal	dne

linux-raspi

oracular	needs-triage
noble	needs-triage
jammy	needs-triage
focal	needs-triage

linux-raspi-5.4

oracular	dne
noble	dne
jammy	dne
focal	dne
bionic	needs-triage

linux-raspi-realtime

oracular	dne
noble	needs-triage
jammy	dne
focal	dne

linux-raspi2

oracular	dne
noble	dne
jammy	dne
focal	ignored

linux-realtime

oracular	needs-triage
noble	needs-triage
jammy	needs-triage
focal	dne

linux-riscv

oracular	needs-triage
noble	needs-triage
jammy	ignored
focal	ignored

linux-riscv-5.11

oracular	dne
noble	dne
jammy	dne
focal	ignored

linux-riscv-5.15

oracular	dne
noble	dne
jammy	dne
focal	needs-triage

linux-riscv-5.19

oracular	dne
noble	dne
jammy	ignored
focal	dne

linux-riscv-5.8

oracular	dne
noble	dne
jammy	dne
focal	ignored

linux-riscv-6.5

oracular	dne
noble	dne
jammy	ignored
focal	dne

linux-riscv-6.8

oracular	dne
noble	dne
jammy	needs-triage
focal	dne

linux-starfive-5.19

oracular	dne
noble	dne
jammy	ignored
focal	dne

linux-starfive-6.2

oracular	dne
noble	dne
jammy	ignored
focal	dne

linux-starfive-6.5

oracular	dne
noble	dne
jammy	ignored
focal	dne

linux-xilinx-zynqmp

oracular	dne
noble	dne
jammy	needs-triage
focal	needs-triage

Vulnerability Media Exposure

[GERMAN] Linux Kernel: Mehrere Schwachstellen
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Linux Kernel ausnutzen, um einen Denial of Service Angriff durchzuführen oder nicht spezifizierte Effekte zu erzielen.
Published: 2025-03-27T23:00:00+00:00

References

https://git.kernel.org/stable/c/29e9c67bf3271067735c188e95cf3631ecd64d58

https://git.kernel.org/stable/c/55ba18dc62deff5910c0fa64486dea1ff20832ff

https://git.kernel.org/stable/c/659518e013d6bd562bb0f1d2d9f99d0ac54720e2