In the Linux kernel, the following vulnerability has been resolved:
pipe: wakeup wr_wait after setting max_usage
Commit c73be61cede5 ("pipe: Add general notification queue support") a
regression was introduced that would lock up resized pipes under certain
conditions. See the reproducer in [1].
The commit resizing the pipe ring size was moved to a different
function, doing that moved the wakeup for pipe->wr_wait before actually
raising pipe->max_usage. If a pipe was full before the resize occured it
would result in the wakeup never actually triggering pipe_write.
Set @max_usage and @nr_accounted before waking writers if this isn't a
watch queue.
[Christian Brauner <[email protected]>: rewrite to account for watch queues]
Metrics
Affected Vendors & Products
References
History
Fri, 22 Nov 2024 12:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Mon, 04 Nov 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Linux
Linux linux Kernel |
|
CPEs | cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* | |
Vendors & Products |
Linux
Linux linux Kernel |
|
References |
|
|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: Linux
Published: 2024-05-17T14:02:10.308Z
Updated: 2024-12-19T08:23:50.638Z
Reserved: 2024-03-07T14:49:46.886Z
Link: CVE-2023-52672
Vulnrichment
Updated: 2024-08-02T23:11:35.017Z
NVD
Status : Awaiting Analysis
Published: 2024-05-17T14:15:10.527
Modified: 2024-11-21T08:40:19.660
Link: CVE-2023-52672
Redhat