CVE-2023-52621

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2023-52621
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-52621.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-52621
Downstream
Related
Published
2024-03-26T18:15:08Z
Modified
2025-08-09T19:01:28Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

bpf: Check rcureadlocktraceheld() before calling bpf map helpers

These three bpfmap{lookup,update,delete}elem() helpers are also available for sleepable bpf program, so add the corresponding lock assertion for sleepable bpf program, otherwise the following warning will be reported when a sleepable bpf program manipulates bpf map under interpreter mode (aka bpfjit_enable=0):

WARNING: CPU: 3 PID: 4985 at kernel/bpf/helpers.c:40 ...... CPU: 3 PID: 4985 Comm: testprogs Not tainted 6.6.0+ #2 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996) ...... RIP: 0010:bpfmaplookupelem+0x54/0x60 ...... Call Trace: <TASK> ? warn+0xa5/0x240 ? bpfmaplookupelem+0x54/0x60 ? reportbug+0x1ba/0x1f0 ? handlebug+0x40/0x80 ? excinvalidop+0x18/0x50 ? asmexcinvalidop+0x1b/0x20 ? _pfxbpfmaplookupelem+0x10/0x10 ? rculockdepcurrentcpuonline+0x65/0xb0 ? rcuiswatching+0x23/0x50 ? bpfmaplookupelem+0x54/0x60 ? _pfxbpfmaplookupelem+0x10/0x10 _bpfprogrun+0x513/0x3b70 _bpfprogrun32+0x9d/0xd0 ? _bpfprogentersleepablerecur+0xad/0x120 ? _bpfprogentersleepablerecur+0x3e/0x120 bpftrampoline6442580665+0x4d/0x1000 _x64sysgetpgid+0x5/0x30 ? dosyscall64+0x36/0xb0 entrySYSCALL64after_hwframe+0x6e/0x76 </TASK>

References

Affected packages