Kernel Vulnerability in Linux Affecting HPE ProLiant Servers
CVE-2023-53530
What is CVE-2023-53530?
A vulnerability exists in the Linux kernel associated with the handling of processor identification, which may allow for unexpected behavior in preemptible modes. Specifically, the use of smp_processor_id() instead of raw_smp_processor_id() can lead to issues and errors when handling controller connections for NVMe over Fibre Channel devices. This could potentially affect system stability and performance, particularly in environments utilizing the affected drivers. The guidance suggests implementing queue_work() across the driver to enhance preemption mechanisms, improving overall reliability and security. Users and administrators are advised to review and apply relevant updates to mitigate risks associated with this vulnerability.
Affected Version(s)
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 1a541999f31fcb10ea50eba2a563e6c451fd5c7d
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 52c7b41ad6ee53222f4ee2f0c099a6ed8291a168
Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 25bd0c7def04a272f8e89b36971712fe29c6e438