CVE-2023-53339

In the Linux kernel, the following vulnerability has been resolved:

btrfs: fix BUG_ON condition in btrfs_cancel_balance

Pausing and canceling balance can race to interrupt balance, leading to a BUG_ON
panic in btrfs_cancel_balance. The BUG_ON condition in btrfs_cancel_balance
does not take this race scenario into account.

However, the race condition has no other side effects. We can fix that.

Reproducing it gives a panic trace like this:

  kernel BUG at fs/btrfs/volumes.c:4618!
  RIP: 0010:btrfs_cancel_balance+0x5cf/0x6a0
  Call Trace:
   <TASK>
   ? do_nanosleep+0x60/0x120
   ? hrtimer_nanosleep+0xb7/0x1a0
   ? sched_core_clone_cookie+0x70/0x70
   btrfs_ioctl_balance_ctl+0x55/0x70
   btrfs_ioctl+0xa46/0xd20
   __x64_sys_ioctl+0x7d/0xa0
   do_syscall_64+0x38/0x80
   entry_SYSCALL_64_after_hwframe+0x63/0xcd

  Race scenario as follows:
  > mutex_unlock(&fs_info->balance_mutex);
  > --------------------
  > .......issue pause and cancel req in another thread
  > --------------------
  > ret = __btrfs_balance(fs_info);
  >
  > mutex_lock(&fs_info->balance_mutex);
  > if (ret == -ECANCELED && atomic_read(&fs_info->balance_pause_req)) {
  >         btrfs_info(fs_info, "balance: paused");
  >         btrfs_exclop_balance(fs_info, BTRFS_EXCLOP_BALANCE_PAUSED);
  > }

Data is provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).

Vendor: Linux
Product: Linux
Default status: unaffected

Version <                                  Version                                    Status
7c93b89cd46636b5e74c12fa21dd86167bc6ea8d   1da177e4c3f41524e886b7f1b8a0c1fc7321cac2   affected
a0a462a0f20926918d6009f0b4b25673e883fc98   1da177e4c3f41524e886b7f1b8a0c1fc7321cac2   affected
bd7bef82ce0e929ef4cf63a34990545aaca28077   1da177e4c3f41524e886b7f1b8a0c1fc7321cac2   affected
b966e9e1e250dfdb41a7f41775faea4a37af923c   1da177e4c3f41524e886b7f1b8a0c1fc7321cac2   affected
ceb9ba8e30833a4823e2dc73f80ebcdf2498d01a   1da177e4c3f41524e886b7f1b8a0c1fc7321cac2   affected
ae81329f7de3aa6f34ecdfa5412e72161a30e9ce   1da177e4c3f41524e886b7f1b8a0c1fc7321cac2   affected
29eefa6d0d07e185f7bfe9576f91e6dba98189c2   1da177e4c3f41524e886b7f1b8a0c1fc7321cac2   affected

Vendor: Linux
Product: Linux
Default status: affected

Version <=   Version    Status
4.19.*       4.19.293   unaffected
5.4.*        5.4.255    unaffected
5.10.*       5.10.192   unaffected
5.15.*       5.15.128   unaffected
6.1.*        6.1.47     unaffected
6.4.*        6.4.12     unaffected
*            6.5        unaffected

No CISA KEV or CERT.AT warning was found for this CVE.

EPSS metrics

Type   Source      Score   Percentile
EPSS   FIRST.org   0.03%   0.078

CVSS metrics

Source   Base Score   Exploit Score   Impact Score   Vector String