CVE-2023-52831

CVE Details

Release Date:

2024-05-21

Description

In the Linux kernel, the following vulnerability has been resolved:\ncpu/hotplug: Don't offline the last non-isolated CPU\nIf a system has isolated CPUs via the 'isolcpus=' command line parameter,\nthen an attempt to offline the last housekeeping CPU will result in a\nWARN_ON() when rebuilding the scheduler domains and a subsequent panic due\nto and unhandled empty CPU mas in partition_sched_domains_locked().\ncpuset_hotplug_workfn()\nrebuild_sched_domains_locked()\nndoms = generate_sched_domains(&doms, &attr);\ncpumask_and(doms[0], top_cpuset.effective_cpus, housekeeping_cpumask(HK_FLAG_DOMAIN));\nThus results in an empty CPU mask which triggers the warning and then the\nsubsequent crash:\nWARNING: CPU: 4 PID: 80 at kernel/sched/topology.c:2366 build_sched_domains+0x120c/0x1408\nCall trace:\nbuild_sched_domains+0x120c/0x1408\npartition_sched_domains_locked+0x234/0x880\nrebuild_sched_domains_locked+0x37c/0x798\nrebuild_sched_domains+0x30/0x58\ncpuset_hotplug_workfn+0x2a8/0x930\nUnable to handle kernel paging request at virtual address fffe80027ab37080\npartition_sched_domains_locked+0x318/0x880\nrebuild_sched_domains_locked+0x37c/0x798\nAside of the resulting crash, it does not make any sense to offline the last\nlast housekeeping CPU.\nPrevent this by masking out the non-housekeeping CPUs when selecting a\ntarget CPU for initiating the CPU unplug operation via the work queue.

See more information about CVE-2023-52831 from MITRE CVE dictionary and NIST NVD

CVSS Scoring

NOTE: The following CVSS v3.1 metrics and score provided are preliminary and subject to review.

Base Score:	5.5	CVSS Vector:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector:	Local network	Attack Complexity:	Low
Privileges Required:	Low	User Interaction:	None
Scope:	Unchanged	Confidentiality Impact:	None
Integrity Impact:	None	Availability Impact:	High

Errata information

Platform	Errata	Release Date
Oracle Linux version 9 (kernel)	ELSA-2024-9315	2024-11-14