CVE-2023-54173

EUVD-2023-60468

30.12.2025, 13:16

In the Linux kernel, the following vulnerability has been resolved:

bpf: Disable preemption in bpf_event_output

We received report [1] of kernel crash, which is caused by
using nesting protection without disabled preemption.

The bpf_event_output can be called by programs executed by
bpf_prog_run_array_cg function that disabled migration but
keeps preemption enabled.

This can cause task to be preempted by another one inside the
nesting protection and lead eventually to two tasks using same
perf_sample_data buffer and cause crashes like:

  BUG: kernel NULL pointer dereference, address: 0000000000000001
  #PF: supervisor instruction fetch in kernel mode
  #PF: error_code(0x0010) - not-present page
  ...
  ? perf_output_sample+0x12a/0x9a0
  ? finish_task_switch.isra.0+0x81/0x280
  ? perf_event_output+0x66/0xa0
  ? bpf_event_output+0x13a/0x190
  ? bpf_event_output_data+0x22/0x40
  ? bpf_prog_dfc84bbde731b257_cil_sock4_connect+0x40a/0xacb
  ? xa_load+0x87/0xe0
  ? __cgroup_bpf_run_filter_sock_addr+0xc1/0x1a0
  ? release_sock+0x3e/0x90
  ? sk_setsockopt+0x1a1/0x12f0
  ? udp_pre_connect+0x36/0x50
  ? inet_dgram_connect+0x93/0xa0
  ? __sys_connect+0xb4/0xe0
  ? udp_setsockopt+0x27/0x40
  ? __pfx_udp_push_pending_frames+0x10/0x10
  ? __sys_setsockopt+0xdf/0x1a0
  ? __x64_sys_connect+0xf/0x20
  ? do_syscall_64+0x3a/0x90
  ? entry_SYSCALL_64_after_hwframe+0x72/0xdc

Fixing this by disabling preemption in bpf_event_output.

[1] https://github.com/cilium/cilium/issues/26756

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	UNKNOWN				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 10%

Debian Releases

Debian Product

Codename

linux

bookworm	6.1.148-1 fixed
bookworm (security)	6.1.158-1 fixed
bullseye	5.10.223-1 fixed
bullseye (security)	5.10.247-1 fixed
forky	6.17.13-1 fixed
sid	6.17.13-1 fixed
trixie	6.12.57-1 fixed
trixie (security)	6.12.48-1 fixed

openSUSE / SLES Releases

openSUSE Product

Release

cluster-md-kmp-default

suse enterprise server 15 SP5	5.14.21-150500.55.133.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.84.1 fixed

dlm-kmp-default

suse enterprise server 15 SP5	5.14.21-150500.55.133.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.84.1 fixed

gfs2-kmp-default

suse enterprise server 15 SP5	5.14.21-150500.55.133.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.84.1 fixed

kernel-64kb

suse enterprise desktop 15 SP7	6.4.0-150700.53.28.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.28.1 fixed
suse enterprise server 15 SP4	5.14.21-150400.24.194.1 fixed
suse enterprise server 15 SP5	5.14.21-150500.55.133.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.84.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.28.1 fixed

kernel-azure

suse enterprise sap 15 SP7	6.4.0-150700.20.24.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.20.24.1 fixed

kernel-default

suse enterprise desktop 15 SP7	6.4.0-150700.53.28.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.28.1 fixed
suse enterprise server 15 SP4	5.14.21-150400.24.194.1 fixed
suse enterprise server 15 SP5	5.14.21-150500.55.133.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.84.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.28.1 fixed

kernel-default-base

suse enterprise desktop 15 SP7	6.4.0-150700.53.28.1.150700.17.19.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.28.1.150700.17.19.1 fixed
suse enterprise server 15 SP4	5.14.21-150400.24.194.1.150400.24.98.3 fixed
suse enterprise server 15 SP5	5.14.21-150500.55.133.1.150500.6.65.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.84.1.150600.12.38.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.28.1.150700.17.19.1 fixed

kernel-docs

suse enterprise desktop 15 SP7	6.4.0-150700.53.28.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.28.1 fixed
suse enterprise server 15 SP4	5.14.21-150400.24.194.1 fixed
suse enterprise server 15 SP5	5.14.21-150500.55.133.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.84.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.28.1 fixed

kernel-macros

suse enterprise desktop 15 SP7	6.4.0-150700.53.28.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.28.1 fixed
suse enterprise server 15 SP4	5.14.21-150400.24.194.1 fixed
suse enterprise server 15 SP5	5.14.21-150500.55.133.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.84.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.28.1 fixed

kernel-obs-build

suse enterprise desktop 15 SP7	6.4.0-150700.53.28.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.28.1 fixed
suse enterprise server 15 SP4	5.14.21-150400.24.194.1 fixed
suse enterprise server 15 SP5	5.14.21-150500.55.133.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.84.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.28.1 fixed

kernel-source

suse enterprise desktop 15 SP7	6.4.0-150700.53.28.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.28.1 fixed
suse enterprise server 15 SP4	5.14.21-150400.24.194.1 fixed
suse enterprise server 15 SP5	5.14.21-150500.55.133.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.84.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.28.1 fixed

kernel-source-azure

suse enterprise sap 15 SP7	6.4.0-150700.20.24.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.20.24.1 fixed

kernel-syms

suse enterprise desktop 15 SP7	6.4.0-150700.53.28.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.28.1 fixed
suse enterprise server 15 SP4	5.14.21-150400.24.194.1 fixed
suse enterprise server 15 SP5	5.14.21-150500.55.133.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.84.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.28.1 fixed

kernel-syms-azure

suse enterprise sap 15 SP7	6.4.0-150700.20.24.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.20.24.1 fixed

kernel-zfcpdump

suse enterprise desktop 15 SP7	6.4.0-150700.53.28.1 fixed
suse enterprise sap 15 SP7	6.4.0-150700.53.28.1 fixed
suse enterprise server 15 SP4	5.14.21-150400.24.194.1 fixed
suse enterprise server 15 SP5	5.14.21-150500.55.133.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.84.1 fixed
suse enterprise server 15 SP7	6.4.0-150700.53.28.1 fixed

ocfs2-kmp-default

suse enterprise server 15 SP5	5.14.21-150500.55.133.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.84.1 fixed

reiserfs-kmp-default

suse enterprise server 15 SP4	5.14.21-150400.24.194.1 fixed
suse enterprise server 15 SP5	5.14.21-150500.55.133.1 fixed
suse enterprise server 15 SP6	6.4.0-150600.23.84.1 fixed

Red Hat Enterprise Linux Releases

Red Hat Product

Release

bpftool

RHEL 9

0:7.3.0-427.13.1.el9_4

fixed

kernel

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-64k

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-64k-core

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-64k-debug

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-64k-debug-core

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-64k-debug-devel

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-64k-debug-devel-matched

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-64k-debug-modules

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-64k-debug-modules-core

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-64k-debug-modules-extra

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-64k-devel

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-64k-devel-matched

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-64k-modules

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-64k-modules-core

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-64k-modules-extra

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-abi-stablelists

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-core

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-debug

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-debug-core

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-debug-devel

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-debug-devel-matched

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-debug-modules

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-debug-modules-core

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-debug-modules-extra

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-debug-uki-virt

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-devel

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-devel-matched

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-doc

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-modules

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-modules-core

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-modules-extra

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-rt

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-rt-core

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-rt-debug

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-rt-debug-core

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-rt-debug-devel

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-rt-debug-kvm

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-rt-debug-modules

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-rt-debug-modules-core

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-rt-debug-modules-extra

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-rt-devel

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-rt-kvm

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-rt-modules

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-rt-modules-core

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-rt-modules-extra

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-tools

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-tools-libs

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-tools-libs-devel

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-uki-virt

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-zfcpdump

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-zfcpdump-core

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-zfcpdump-devel

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-zfcpdump-devel-matched

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-zfcpdump-modules

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-zfcpdump-modules-core

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

kernel-zfcpdump-modules-extra

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

libperf

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

perf

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

python3-perf

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

rtla

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

RHEL 9

0:5.14.0-427.13.1.el9_4

fixed

References

https://git.kernel.org/stable/c/063c9ce8e74e07bf94f99cd13146f42867875e8b

https://git.kernel.org/stable/c/3048cb0dc0cc9dc74ed93690dffef00733bcad5b

https://git.kernel.org/stable/c/36dd8ca330b76585640ed32255a3c99f901e1502

https://git.kernel.org/stable/c/c81bdf8f9f2b002d217c3d5357cdea9f2b82ff90

https://git.kernel.org/stable/c/d62cc390c2e99ae267ffe4b8d7e2e08b6c758c32