Ring-Buffer Vulnerability in Linux Kernel by Open Source
CVE-2023-53587
What is CVE-2023-53587?
A vulnerability in the Linux kernel's ring-buffer mechanism may allow unsafe operations while the buffer is being destroyed. If data is written to the buffer right before its destruction, the system may run pending IRQ work after the buffer has already been freed. This is a use-after-free condition that can cause system crashes or unexpected behavior, as indicated by a KASAN report observed in a special environment setup. Calling irq_work_sync() before the buffer is destroyed ensures that the IRQ work has completed, which prevents this scenario.
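The ordering problem described above, as an added user-space model that is not kernel code and not part of the original advisory. All names are hypothetical, and "free" is modelled as a flag so the stale access can be counted without crashing.

```c
/* User-space model (constructed): deferred "IRQ work" that touches its
 * owning buffer, and two teardown orders. All names are hypothetical. */
#include <stdbool.h>
#include <stdio.h>

struct model_buf;
struct model_work { bool pending; struct model_buf *owner; };
struct model_buf  { bool freed; int wakeups; struct model_work work; };
static int stale_runs;   /* handler executions on an already-freed buffer */

/* The handler dereferences its owner, as a reader wake-up would. */
static void work_handler(struct model_work *w)
{
    if (w->owner->freed) stale_runs++;   /* would be the use-after-free */
    else w->owner->wakeups++;
}

/* A write only queues the work; it runs later. */
static void model_write(struct model_buf *b)
{
    b->work.owner = b;
    b->work.pending = true;
}

/* Stand-in for the later interrupt that runs queued work. */
static void model_run_pending(struct model_work *w)
{
    if (w->pending) { w->pending = false; work_handler(w); }
}

/* Write, destroy, let the late interrupt fire; return stale handler runs.
 * "Free" is only a flag here, so the model stays well-defined. */
static int scenario(bool sync_before_free)
{
    struct model_buf b = {0};
    stale_runs = 0;
    model_write(&b);
    if (sync_before_free)
        model_run_pending(&b.work);  /* role of irq_work_sync(): finish first */
    b.freed = true;
    model_run_pending(&b.work);
    return stale_runs;
}

int main(void)
{
    printf("no sync: %d stale run(s)\n", scenario(false));
    printf("sync:    %d stale run(s)\n", scenario(true));
    return 0;
}
```

In the unsynchronized order the handler runs once against the freed buffer; with the sync step placed before the free, nothing is left pending when the late interrupt fires.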
Affected Version(s)
Linux 15693458c4bc0693fd63a50d60f35b628fcf4e29 < 372c5ee537b8366b64b691ba29e9335525e1655e
Linux 15693458c4bc0693fd63a50d60f35b628fcf4e29 < 2702b67f59d455072a08dc40312f9b090d4dec04
Linux 15693458c4bc0693fd63a50d60f35b628fcf4e29 < 2399b1fda025e939b6fb1ac94505bcf718534e65