CVE-2023-52672

Source
https://nvd.nist.gov/vuln/detail/CVE-2023-52672
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-52672.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-52672
Downstream
Related
Published
2024-05-17T14:15:10Z
Modified
2025-08-09T19:01:27Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

pipe: wakeup wrwait after setting maxusage

Commit c73be61cede5 ("pipe: Add general notification queue support") a regression was introduced that would lock up resized pipes under certain conditions. See the reproducer in [1].

The commit resizing the pipe ring size was moved to a different function, doing that moved the wakeup for pipe->wrwait before actually raising pipe->maxusage. If a pipe was full before the resize occured it would result in the wakeup never actually triggering pipe_write.

Set @maxusage and @nraccounted before waking writers if this isn't a watch queue.

[Christian Brauner brauner@kernel.org: rewrite to account for watch queues]

References

Affected packages