CVE-2023-52942

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-52942

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-52942.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-52942

Related

UBUNTU-CVE-2023-52942

Published

2025-03-27T17:15:44Z

Modified

2025-03-28T18:11:49Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

cgroup/cpuset: Fix wrong check in updateparentsubparts_cpumask()

It was found that the check to see if a partition could use up all the cpus from the parent cpuset in updateparentsubparts_cpumask() was incorrect. As a result, it is possible to leave parent with no effective cpu left even if there are tasks in the parent cpuset. This can lead to system panic as reported in [1].

Fix this probem by updating the check to fail the enabling the partition if parent's effectivecpus is a subset of the child's cpusallowed.

Also record the error code when an error happens in update_prstate() and add a test case where parent partition and child have the same cpu list and parent has task. Enabling partition in the child will fail in this case.

[1] https://www.spinics.net/lists/cgroups/msg36254.html

References

Affected packages

Debian:12 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.1.11-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.1.11-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}