CVE-2023-52621

EPSS 0%
Published 26.03.2024 18:15:08
Last modified 02.05.2025 07:15:50
Source 416baaa9-dc9f-4396-8d5f-8c081f
Teams watchlist Login
Open Login

In the Linux kernel, the following vulnerability has been resolved:

bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers

These three bpf_map_{lookup,update,delete}_elem() helpers are also
available for sleepable bpf program, so add the corresponding lock
assertion for sleepable bpf program, otherwise the following warning
will be reported when a sleepable bpf program manipulates bpf map under
interpreter mode (aka bpf_jit_enable=0):

  WARNING: CPU: 3 PID: 4985 at kernel/bpf/helpers.c:40 ......
  CPU: 3 PID: 4985 Comm: test_progs Not tainted 6.6.0+ #2
  Hardware name: QEMU Standard PC (i440FX + PIIX, 1996) ......
  RIP: 0010:bpf_map_lookup_elem+0x54/0x60
  ......
  Call Trace:
   <TASK>
   ? __warn+0xa5/0x240
   ? bpf_map_lookup_elem+0x54/0x60
   ? report_bug+0x1ba/0x1f0
   ? handle_bug+0x40/0x80
   ? exc_invalid_op+0x18/0x50
   ? asm_exc_invalid_op+0x1b/0x20
   ? __pfx_bpf_map_lookup_elem+0x10/0x10
   ? rcu_lockdep_current_cpu_online+0x65/0xb0
   ? rcu_is_watching+0x23/0x50
   ? bpf_map_lookup_elem+0x54/0x60
   ? __pfx_bpf_map_lookup_elem+0x10/0x10
   ___bpf_prog_run+0x513/0x3b70
   __bpf_prog_run32+0x9d/0xd0
   ? __bpf_prog_enter_sleepable_recur+0xad/0x120
   ? __bpf_prog_enter_sleepable_recur+0x3e/0x120
   bpf_trampoline_6442580665+0x4d/0x1000
   __x64_sys_getpgid+0x5/0x30
   ? do_syscall_64+0x36/0xb0
   entry_SYSCALL_64_after_hwframe+0x6e/0x76
   </TASK>

Affected products Warnungen 0 Metrics 2 CWE 1 References 9

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Data is provided by the National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version < 6.1.77

Linux ≫ Linux Kernel Version >= 6.2 < 6.6.16

Linux ≫ Linux Kernel Version >= 6.7 < 6.7.4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0%	0.002

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-617 Reachable Assertion

The product contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary.

https://git.kernel.org/stable/c/169410eba271afc9f0fb476d996795aa26770c6d

Patch

https://git.kernel.org/stable/c/483cb92334cd7f1d5387dccc0ab5d595d27a669d

Patch

https://git.kernel.org/stable/c/c7f1b6146f4a46d727c0d046284c28b6882c6304

Patch

https://git.kernel.org/stable/c/d6d6fe4bb105595118f12abeed4a7bdd450853f3

Patch

https://git.kernel.org/stable/c/3516f93cc63d956e1b290ae4b7bf2586074535a0

https://git.kernel.org/stable/c/82f2df94dac1aa9b879e74d1f82ba1b631bdc612

https://nvd.nist.gov/vuln/detail/CVE-2023-52621

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-52621

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-52621

EUVD