Ubuntu: (Multiple Advisories) (CVE-2023-52623): Linux kernel vulnerabilities

Ubuntu: (Multiple Advisories) (CVE-2023-52623): Linux kernel vulnerabilities

Severity

4

CVSS

(AV:L/AC:M/Au:N/C:P/I:P/A:P)

Published

03/26/2024

Created

05/18/2024

Added

05/17/2024

Modified

11/15/2024

Description

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix a suspicious RCU usage warning I received the following warning while running cthon against an ontap server running pNFS: [ 57.202521] ============================= [ 57.202522] WARNING: suspicious RCU usage [ 57.202523] 6.7.0-rc3-g2cc14f52aeb7 #41492 Not tainted [ 57.202525] ----------------------------- [ 57.202525] net/sunrpc/xprtmultipath.c:349 RCU-list traversed in non-reader section!! [ 57.202527] other info that might help us debug this: [ 57.202528] rcu_scheduler_active = 2, debug_locks = 1 [ 57.202529] no locks held by test5/3567. [ 57.202530] stack backtrace: [ 57.202532] CPU: 0 PID: 3567 Comm: test5 Not tainted 6.7.0-rc3-g2cc14f52aeb7 #41492 5b09971b4965c0aceba19f3eea324a4a806e227e [ 57.202534] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS unknown 2/2/2022 [ 57.202536] Call Trace: [ 57.202537]<TASK> [ 57.202540]dump_stack_lvl+0x77/0xb0 [ 57.202551]lockdep_rcu_suspicious+0x154/0x1a0 [ 57.202556]rpc_xprt_switch_has_addr+0x17c/0x190 [sunrpc ebe02571b9a8ceebf7d98e71675af20c19bdb1f6] [ 57.202596]rpc_clnt_setup_test_and_add_xprt+0x50/0x180 [sunrpc ebe02571b9a8ceebf7d98e71675af20c19bdb1f6] [ 57.202621]? rpc_clnt_add_xprt+0x254/0x300 [sunrpc ebe02571b9a8ceebf7d98e71675af20c19bdb1f6] [ 57.202646]rpc_clnt_add_xprt+0x27a/0x300 [sunrpc ebe02571b9a8ceebf7d98e71675af20c19bdb1f6] [ 57.202671]? __pfx_rpc_clnt_setup_test_and_add_xprt+0x10/0x10 [sunrpc ebe02571b9a8ceebf7d98e71675af20c19bdb1f6] [ 57.202696]nfs4_pnfs_ds_connect+0x345/0x760 [nfsv4 c716d88496ded0ea6d289bbea684fa996f9b57a9] [ 57.202728]? __pfx_nfs4_test_session_trunk+0x10/0x10 [nfsv4 c716d88496ded0ea6d289bbea684fa996f9b57a9] [ 57.202754]nfs4_fl_prepare_ds+0x75/0xc0 [nfs_layout_nfsv41_files e3a4187f18ae8a27b630f9feae6831b584a9360a] [ 57.202760]filelayout_write_pagelist+0x4a/0x200 [nfs_layout_nfsv41_files e3a4187f18ae8a27b630f9feae6831b584a9360a] [ 57.202765]pnfs_generic_pg_writepages+0xbe/0x230 [nfsv4 c716d88496ded0ea6d289bbea684fa996f9b57a9] [ 57.202788]__nfs_pageio_add_request+0x3fd/0x520 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902] [ 57.202813]nfs_pageio_add_request+0x18b/0x390 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902] [ 57.202831]nfs_do_writepage+0x116/0x1e0 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902] [ 57.202849]nfs_writepages_callback+0x13/0x30 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902] [ 57.202866]write_cache_pages+0x265/0x450 [ 57.202870]? __pfx_nfs_writepages_callback+0x10/0x10 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902] [ 57.202891]nfs_writepages+0x141/0x230 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902] [ 57.202913]do_writepages+0xd2/0x230 [ 57.202917]? filemap_fdatawrite_wbc+0x5c/0x80 [ 57.202921]filemap_fdatawrite_wbc+0x67/0x80 [ 57.202924]filemap_write_and_wait_range+0xd9/0x170 [ 57.202930]nfs_wb_all+0x49/0x180 [nfs 6c976fa593a7c2976f5a0aeb4965514a828e6902] [ 57.202947]nfs4_file_flush+0x72/0xb0 [nfsv4 c716d88496ded0ea6d289bbea684fa996f9b57a9] [ 57.202969]__se_sys_close+0x46/0xd0 [ 57.202972]do_syscall_64+0x68/0x100 [ 57.202975]? do_syscall_64+0x77/0x100 [ 57.202976]? do_syscall_64+0x77/0x100 [ 57.202979]entry_SYSCALL_64_after_hwframe+0x6e/0x76 [ 57.202982] RIP: 0033:0x7fe2b12e4a94 [ 57.202985] Code: 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 80 3d d5 18 0e 00 00 74 13 b8 03 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 44 c3 0f 1f 00 48 83 ec 18 89 7c 24 0c e8 c3 [ 57.202987] RSP: 002b:00007ffe857ddb38 EFLAGS: 00000202 ORIG_RAX: 0000000000000003 [ 57.202989] RAX: ffffffffffffffda RBX: 00007ffe857dfd68 RCX: 00007fe2b12e4a94 [ 57.202991] RDX: 0000000000002000 RSI: 00007ffe857ddc40 RDI: 0000000000000003 [ 57.202992] RBP: 00007ffe857dfc50 R08: 7fffffffffffffff R09: 0000000065650f49 [ 57.202993] R10: 00007f ---truncated---

Solution(s)

• ubuntu-upgrade-linux-image-5-15-0-1044-gkeop
• ubuntu-upgrade-linux-image-5-15-0-1054-ibm
• ubuntu-upgrade-linux-image-5-15-0-1054-nvidia
• ubuntu-upgrade-linux-image-5-15-0-1054-nvidia-lowlatency
• ubuntu-upgrade-linux-image-5-15-0-1054-raspi
• ubuntu-upgrade-linux-image-5-15-0-1057-intel-iotg
• ubuntu-upgrade-linux-image-5-15-0-1058-gke
• ubuntu-upgrade-linux-image-5-15-0-1058-intel-iotg
• ubuntu-upgrade-linux-image-5-15-0-1058-kvm
• ubuntu-upgrade-linux-image-5-15-0-1059-gcp
• ubuntu-upgrade-linux-image-5-15-0-1059-oracle
• ubuntu-upgrade-linux-image-5-15-0-106-generic
• ubuntu-upgrade-linux-image-5-15-0-106-generic-64k
• ubuntu-upgrade-linux-image-5-15-0-106-generic-lpae
• ubuntu-upgrade-linux-image-5-15-0-106-lowlatency
• ubuntu-upgrade-linux-image-5-15-0-106-lowlatency-64k
• ubuntu-upgrade-linux-image-5-15-0-1061-aws
• ubuntu-upgrade-linux-image-5-15-0-1063-azure
• ubuntu-upgrade-linux-image-5-15-0-1063-azure-fde
• ubuntu-upgrade-linux-image-5-4-0-1036-iot
• ubuntu-upgrade-linux-image-5-4-0-1043-xilinx-zynqmp
• ubuntu-upgrade-linux-image-5-4-0-1071-ibm
• ubuntu-upgrade-linux-image-5-4-0-1084-bluefield
• ubuntu-upgrade-linux-image-5-4-0-1091-gkeop
• ubuntu-upgrade-linux-image-5-4-0-1108-raspi
• ubuntu-upgrade-linux-image-5-4-0-1112-kvm
• ubuntu-upgrade-linux-image-5-4-0-1123-oracle
• ubuntu-upgrade-linux-image-5-4-0-1124-aws
• ubuntu-upgrade-linux-image-5-4-0-1128-gcp
• ubuntu-upgrade-linux-image-5-4-0-1129-azure
• ubuntu-upgrade-linux-image-5-4-0-181-generic
• ubuntu-upgrade-linux-image-5-4-0-181-generic-lpae
• ubuntu-upgrade-linux-image-5-4-0-181-lowlatency
• ubuntu-upgrade-linux-image-6-5-0-1015-starfive
• ubuntu-upgrade-linux-image-6-5-0-1017-laptop
• ubuntu-upgrade-linux-image-6-5-0-1018-raspi
• ubuntu-upgrade-linux-image-6-5-0-1021-aws
• ubuntu-upgrade-linux-image-6-5-0-1021-nvidia
• ubuntu-upgrade-linux-image-6-5-0-1021-nvidia-64k
• ubuntu-upgrade-linux-image-6-5-0-1022-azure
• ubuntu-upgrade-linux-image-6-5-0-1022-azure-fde
• ubuntu-upgrade-linux-image-6-5-0-1022-gcp
• ubuntu-upgrade-linux-image-6-5-0-1024-oem
• ubuntu-upgrade-linux-image-6-5-0-1024-oracle
• ubuntu-upgrade-linux-image-6-5-0-1024-oracle-64k
• ubuntu-upgrade-linux-image-6-5-0-41-generic
• ubuntu-upgrade-linux-image-6-5-0-41-generic-64k
• ubuntu-upgrade-linux-image-6-5-0-41-lowlatency
• ubuntu-upgrade-linux-image-6-5-0-41-lowlatency-64k
• ubuntu-upgrade-linux-image-aws
• ubuntu-upgrade-linux-image-aws-lts-20-04
• ubuntu-upgrade-linux-image-aws-lts-22-04
• ubuntu-upgrade-linux-image-azure
• ubuntu-upgrade-linux-image-azure-cvm
• ubuntu-upgrade-linux-image-azure-fde
• ubuntu-upgrade-linux-image-azure-fde-lts-22-04
• ubuntu-upgrade-linux-image-azure-lts-20-04
• ubuntu-upgrade-linux-image-azure-lts-22-04
• ubuntu-upgrade-linux-image-bluefield
• ubuntu-upgrade-linux-image-gcp
• ubuntu-upgrade-linux-image-gcp-lts-20-04
• ubuntu-upgrade-linux-image-gcp-lts-22-04
• ubuntu-upgrade-linux-image-generic
• ubuntu-upgrade-linux-image-generic-64k
• ubuntu-upgrade-linux-image-generic-64k-hwe-20-04
• ubuntu-upgrade-linux-image-generic-64k-hwe-22-04
• ubuntu-upgrade-linux-image-generic-hwe-18-04
• ubuntu-upgrade-linux-image-generic-hwe-20-04
• ubuntu-upgrade-linux-image-generic-hwe-22-04
• ubuntu-upgrade-linux-image-generic-lpae
• ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04
• ubuntu-upgrade-linux-image-gke
• ubuntu-upgrade-linux-image-gke-5-15
• ubuntu-upgrade-linux-image-gkeop
• ubuntu-upgrade-linux-image-gkeop-5-15
• ubuntu-upgrade-linux-image-gkeop-5-4
• ubuntu-upgrade-linux-image-ibm
• ubuntu-upgrade-linux-image-ibm-lts-20-04
• ubuntu-upgrade-linux-image-intel
• ubuntu-upgrade-linux-image-intel-iotg
• ubuntu-upgrade-linux-image-kvm
• ubuntu-upgrade-linux-image-laptop-23-10
• ubuntu-upgrade-linux-image-lowlatency
• ubuntu-upgrade-linux-image-lowlatency-64k
• ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04
• ubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04
• ubuntu-upgrade-linux-image-lowlatency-hwe-18-04
• ubuntu-upgrade-linux-image-lowlatency-hwe-20-04
• ubuntu-upgrade-linux-image-lowlatency-hwe-22-04
• ubuntu-upgrade-linux-image-nvidia
• ubuntu-upgrade-linux-image-nvidia-6-5
• ubuntu-upgrade-linux-image-nvidia-64k-6-5
• ubuntu-upgrade-linux-image-nvidia-64k-hwe-22-04
• ubuntu-upgrade-linux-image-nvidia-hwe-22-04
• ubuntu-upgrade-linux-image-nvidia-lowlatency
• ubuntu-upgrade-linux-image-oem
• ubuntu-upgrade-linux-image-oem-20-04
• ubuntu-upgrade-linux-image-oem-20-04b
• ubuntu-upgrade-linux-image-oem-20-04c
• ubuntu-upgrade-linux-image-oem-20-04d
• ubuntu-upgrade-linux-image-oem-22-04
• ubuntu-upgrade-linux-image-oem-22-04a
• ubuntu-upgrade-linux-image-oem-22-04b
• ubuntu-upgrade-linux-image-oem-22-04c
• ubuntu-upgrade-linux-image-oem-22-04d
• ubuntu-upgrade-linux-image-oem-osp1
• ubuntu-upgrade-linux-image-oracle
• ubuntu-upgrade-linux-image-oracle-64k
• ubuntu-upgrade-linux-image-oracle-lts-20-04
• ubuntu-upgrade-linux-image-oracle-lts-22-04
• ubuntu-upgrade-linux-image-raspi
• ubuntu-upgrade-linux-image-raspi-hwe-18-04
• ubuntu-upgrade-linux-image-raspi-nolpae
• ubuntu-upgrade-linux-image-raspi2
• ubuntu-upgrade-linux-image-snapdragon-hwe-18-04
• ubuntu-upgrade-linux-image-starfive
• ubuntu-upgrade-linux-image-virtual
• ubuntu-upgrade-linux-image-virtual-hwe-18-04
• ubuntu-upgrade-linux-image-virtual-hwe-20-04
• ubuntu-upgrade-linux-image-virtual-hwe-22-04
• ubuntu-upgrade-linux-image-xilinx-zynqmp

References

• https://attackerkb.com/topics/cve-2023-52623
• CVE - 2023-52623
• USN-6765-1
• USN-6766-1
• USN-6766-2
• USN-6766-3
• USN-6767-1
• USN-6767-2
• USN-6795-1
• USN-6818-1
• USN-6818-2
• USN-6818-3
• USN-6818-4
• USN-6819-1
• USN-6819-2
• USN-6819-3
• USN-6819-4
• USN-6828-1

View more