CVE-2023-53614

exitmmap() will tear down the VMAs and maple tree with the mmaplock held in write mode. Ensure that the maple tree is still valid by checking ksmtestexit() after taking the mmaplock in read mode, but before the foreach_vma() iterator dereferences a destroyed maple tree.

Since the maple tree is destroyed, the flags telling lockdep to check an external lock has been cleared. Skip the foreachvma() iterator to avoid dereferencing a maple tree without the external lock flag, which would create a lockdep warning.

Database specific

{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53614.json"
}

References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type: GIT
Repo: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events: Introduced

a5f18ba0727656bd1fe3bcdb0d563f81790f9a04

Fixed

286b0cab31bac29960e5684f6fb331d42f03b363

Fixed

b4f664ffd8f78c05a1fd542a28bc5a11e994c014

Fixed

6db504ce55bdbc575723938fc480713c9183f6a2

Affected versions

v6.*

v6.0

v6.0-rc4

v6.0-rc5

v6.0-rc6

v6.0-rc7

v6.1

v6.1-rc1

v6.1-rc2

v6.1-rc3

v6.1-rc4

v6.1-rc5

v6.1-rc6

v6.1-rc7

v6.1-rc8

v6.1.1

v6.1.10

v6.1.11

v6.1.12

v6.1.13

v6.1.14

v6.1.15

v6.1.16

v6.1.17

v6.1.18

v6.1.19

v6.1.2

v6.1.20

v6.1.21

v6.1.3

v6.1.4

v6.1.5

v6.1.6

v6.1.7

v6.1.8

v6.1.9

v6.2

v6.2-rc1

v6.2-rc2

v6.2-rc3

v6.2-rc4

v6.2-rc5

v6.2-rc6

v6.2-rc7

v6.2-rc8

v6.2.1

v6.2.2

v6.2.3

v6.2.4

v6.2.5

v6.2.6

v6.2.7

v6.2.8

v6.3-rc1

v6.3-rc2

v6.3-rc3

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53614.json"