Rapid7 Vulnerability & Exploit Database

Ubuntu: (Multiple Advisories) (CVE-2023-52632): Linux kernel (OEM) vulnerabilities

Free InsightVM Trial No Credit Card Necessary

2024 Attack Intel Report Latest research by Rapid7 Labs

Back to Search

Ubuntu: (Multiple Advisories) (CVE-2023-52632): Linux kernel (OEM) vulnerabilities

Severity

CVSS

(AV:L/AC:M/Au:N/C:P/I:P/A:P)

Published

04/02/2024

Created

05/18/2024

Added

05/17/2024

Modified

07/15/2024

Description

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix lock dependency warning with srcu ====================================================== WARNING: possible circular locking dependency detected 6.5.0-kfd-yangp #2289 Not tainted ------------------------------------------------------ kworker/0:2/996 is trying to acquire lock: (srcu){.+.+}-{0:0}, at: __synchronize_srcu+0x5/0x1a0 but task is already holding lock: ((work_completion)(&svms->deferred_list_work)){+.+.}-{0:0}, at: process_one_work+0x211/0x560 which lock already depends on the new lock. the existing dependency chain (in reverse order) is: -> #3 ((work_completion)(&svms->deferred_list_work)){+.+.}-{0:0}: __flush_work+0x88/0x4f0 svm_range_list_lock_and_flush_work+0x3d/0x110 [amdgpu] svm_range_set_attr+0xd6/0x14c0 [amdgpu] kfd_ioctl+0x1d1/0x630 [amdgpu] __x64_sys_ioctl+0x88/0xc0 -> #2 (&info->lock#2){+.+.}-{3:3}: __mutex_lock+0x99/0xc70 amdgpu_amdkfd_gpuvm_restore_process_bos+0x54/0x740 [amdgpu] restore_process_helper+0x22/0x80 [amdgpu] restore_process_worker+0x2d/0xa0 [amdgpu] process_one_work+0x29b/0x560 worker_thread+0x3d/0x3d0 -> #1 ((work_completion)(&(&process->restore_work)->work)){+.+.}-{0:0}: __flush_work+0x88/0x4f0 __cancel_work_timer+0x12c/0x1c0 kfd_process_notifier_release_internal+0x37/0x1f0 [amdgpu] __mmu_notifier_release+0xad/0x240 exit_mmap+0x6a/0x3a0 mmput+0x6a/0x120 do_exit+0x322/0xb90 do_group_exit+0x37/0xa0 __x64_sys_exit_group+0x18/0x20 do_syscall_64+0x38/0x80 -> #0 (srcu){.+.+}-{0:0}: __lock_acquire+0x1521/0x2510 lock_sync+0x5f/0x90 __synchronize_srcu+0x4f/0x1a0 __mmu_notifier_release+0x128/0x240 exit_mmap+0x6a/0x3a0 mmput+0x6a/0x120 svm_range_deferred_list_work+0x19f/0x350 [amdgpu] process_one_work+0x29b/0x560 worker_thread+0x3d/0x3d0 other info that might help us debug this: Chain exists of: srcu --> &info->lock#2 --> (work_completion)(&svms->deferred_list_work) Possible unsafe locking scenario: CPU0 CPU1 ---- ---- lock((work_completion)(&svms->deferred_list_work)); lock(&info->lock#2); lock((work_completion)(&svms->deferred_list_work)); sync(srcu);

Solution(s)

ubuntu-upgrade-linux-image-6-5-0-1015-starfive
ubuntu-upgrade-linux-image-6-5-0-1017-laptop
ubuntu-upgrade-linux-image-6-5-0-1018-raspi
ubuntu-upgrade-linux-image-6-5-0-1021-aws
ubuntu-upgrade-linux-image-6-5-0-1021-nvidia
ubuntu-upgrade-linux-image-6-5-0-1021-nvidia-64k
ubuntu-upgrade-linux-image-6-5-0-1022-azure
ubuntu-upgrade-linux-image-6-5-0-1022-azure-fde
ubuntu-upgrade-linux-image-6-5-0-1022-gcp
ubuntu-upgrade-linux-image-6-5-0-1022-oem
ubuntu-upgrade-linux-image-6-5-0-1024-oem
ubuntu-upgrade-linux-image-6-5-0-1024-oracle
ubuntu-upgrade-linux-image-6-5-0-1024-oracle-64k
ubuntu-upgrade-linux-image-6-5-0-41-generic
ubuntu-upgrade-linux-image-6-5-0-41-generic-64k
ubuntu-upgrade-linux-image-6-5-0-41-lowlatency
ubuntu-upgrade-linux-image-6-5-0-41-lowlatency-64k
ubuntu-upgrade-linux-image-aws
ubuntu-upgrade-linux-image-azure
ubuntu-upgrade-linux-image-azure-fde
ubuntu-upgrade-linux-image-gcp
ubuntu-upgrade-linux-image-generic
ubuntu-upgrade-linux-image-generic-64k
ubuntu-upgrade-linux-image-generic-64k-hwe-22-04
ubuntu-upgrade-linux-image-generic-hwe-22-04
ubuntu-upgrade-linux-image-generic-lpae
ubuntu-upgrade-linux-image-kvm
ubuntu-upgrade-linux-image-laptop-23-10
ubuntu-upgrade-linux-image-lowlatency
ubuntu-upgrade-linux-image-lowlatency-64k
ubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04
ubuntu-upgrade-linux-image-lowlatency-hwe-22-04
ubuntu-upgrade-linux-image-nvidia-6-5
ubuntu-upgrade-linux-image-nvidia-64k-6-5
ubuntu-upgrade-linux-image-nvidia-64k-hwe-22-04
ubuntu-upgrade-linux-image-nvidia-hwe-22-04
ubuntu-upgrade-linux-image-oem-22-04
ubuntu-upgrade-linux-image-oem-22-04a
ubuntu-upgrade-linux-image-oem-22-04b
ubuntu-upgrade-linux-image-oem-22-04c
ubuntu-upgrade-linux-image-oem-22-04d
ubuntu-upgrade-linux-image-oracle
ubuntu-upgrade-linux-image-oracle-64k
ubuntu-upgrade-linux-image-raspi
ubuntu-upgrade-linux-image-raspi-nolpae
ubuntu-upgrade-linux-image-starfive
ubuntu-upgrade-linux-image-virtual
ubuntu-upgrade-linux-image-virtual-hwe-22-04

References

https://attackerkb.com/topics/cve-2023-52632
CVE - 2023-52632
USN-6765-1
USN-6818-1
USN-6818-2
USN-6818-3
USN-6818-4
USN-6819-1
USN-6819-2
USN-6819-3
USN-6819-4

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Ubuntu: (Multiple Advisories) (CVE-2023-52632): Linux kernel (OEM) vulnerabilities

Ubuntu: (Multiple Advisories) (CVE-2023-52632): Linux kernel (OEM) vulnerabilities

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.