CVE-2023-52813 - Vulnerability Details

Vendors	Products
Redhat	Enterprise Linux Rhel Eus

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 8
kernel-rt-0:4.18.0-553.8.1.rt7.349.el8_10	cpe:/a:redhat:enterprise_linux:8::nfv	RHSA-2024:4352	2024-07-08T00:00:00Z
kernel-0:4.18.0-553.8.1.el8_10	cpe:/o:redhat:enterprise_linux:8	RHSA-2024:4211	2024-07-02T00:00:00Z
Red Hat Enterprise Linux 9
kernel-0:5.14.0-503.11.1.el9_5	cpe:/a:redhat:enterprise_linux:9	RHSA-2024:9315	2024-11-12T00:00:00Z
kernel-0:5.14.0-503.11.1.el9_5	cpe:/o:redhat:enterprise_linux:9	RHSA-2024:9315	2024-11-12T00:00:00Z
Red Hat Enterprise Linux 9.4 Extended Update Support
kernel-0:5.14.0-427.68.1.el9_4	cpe:/a:redhat:rhel_eus:9.4	RHSA-2025:7526	2025-05-14T00:00:00Z

Link	Providers
https://git.kernel.org/stable/c/039fec48e062504f14845124a1a25eb199b2ddc0
https://git.kernel.org/stable/c/372636debe852913529b1716f44addd94fff2d28
https://git.kernel.org/stable/c/546c1796ad1ed0d87dab3c4b5156d75819be2316
https://git.kernel.org/stable/c/8f4f68e788c3a7a696546291258bfa5fdb215523
https://git.kernel.org/stable/c/c55fc098fd9d2dca475b82d00ffbcaf97879d77e
https://git.kernel.org/stable/c/c9c1334697301c10e6918d747ed38abfbc0c96e7
https://git.kernel.org/stable/c/e134f3aba98e6c801a693f540912c2d493718ddf
https://git.kernel.org/stable/c/e97bf4ada7dddacd184c3e196bd063b0dc71b41d
https://git.kernel.org/stable/c/fb2d3a50a8f29a3c66682bb426144f40e32ab818
https://lore.kernel.org/linux-cve-announce/2024052103-CVE-2023-52813-0704@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2023-52813
https://www.cve.org/CVERecord?id=CVE-2023-52813

Type	Values Removed	Values Added
Metrics	epss `{'score': 0.00045}`	epss `{'score': 0.00047}`

Type	Values Removed	Values Added
First Time appeared		Redhat rhel Eus
CPEs		cpe:/a:redhat:rhel_eus:9.4
Vendors & Products		Redhat rhel Eus

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:enterprise_linux:9 cpe:/o:redhat:enterprise_linux:9

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Show plain JSON

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-52813", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-21T15:19:24.248Z", "datePublished": "2024-05-21T15:31:21.604Z", "dateUpdated": "2025-07-15T15:43:50.801Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-07-15T15:43:50.801Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: pcrypt - Fix hungtask for PADATA_RESET\n\nWe found a hungtask bug in test_aead_vec_cfg as follows:\n\nINFO: task cryptomgr_test:391009 blocked for more than 120 seconds.\n\"echo 0 > /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\nCall trace:\n __switch_to+0x98/0xe0\n __schedule+0x6c4/0xf40\n schedule+0xd8/0x1b4\n schedule_timeout+0x474/0x560\n wait_for_common+0x368/0x4e0\n wait_for_completion+0x20/0x30\n wait_for_completion+0x20/0x30\n test_aead_vec_cfg+0xab4/0xd50\n test_aead+0x144/0x1f0\n alg_test_aead+0xd8/0x1e0\n alg_test+0x634/0x890\n cryptomgr_test+0x40/0x70\n kthread+0x1e0/0x220\n ret_from_fork+0x10/0x18\n Kernel panic - not syncing: hung_task: blocked tasks\n\nFor padata_do_parallel, when the return err is 0 or -EBUSY, it will call\nwait_for_completion(&wait->completion) in test_aead_vec_cfg. In normal\ncase, aead_request_complete() will be called in pcrypt_aead_serial and the\nreturn err is 0 for padata_do_parallel. But, when pinst->flags is\nPADATA_RESET, the return err is -EBUSY for padata_do_parallel, and it\nwon't call aead_request_complete(). Therefore, test_aead_vec_cfg will\nhung at wait_for_completion(&wait->completion), which will cause\nhungtask.\n\nThe problem comes as following:\n(padata_do_parallel)                 |\n    rcu_read_lock_bh();              |\n    err = -EINVAL;                   |   (padata_replace)\n                                     |     pinst->flags |= PADATA_RESET;\n    err = -EBUSY                     |\n    if (pinst->flags & PADATA_RESET) |\n        rcu_read_unlock_bh()         |\n        return err\n\nIn order to resolve the problem, we replace the return err -EBUSY with\n-EAGAIN, which means parallel_data is changing, and the caller should call\nit again.\n\nv3:\nremove retry and just change the return err.\nv2:\nintroduce padata_try_do_parallel() in pcrypt_aead_encrypt and\npcrypt_aead_decrypt to solve the hungtask."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["crypto/pcrypt.c", "kernel/padata.c"], "versions": [{"version": "16295bec6398a3eedc9377e1af6ff4c71b98c300", "lessThan": "fb2d3a50a8f29a3c66682bb426144f40e32ab818", "status": "affected", "versionType": "git"}, {"version": "16295bec6398a3eedc9377e1af6ff4c71b98c300", "lessThan": "039fec48e062504f14845124a1a25eb199b2ddc0", "status": "affected", "versionType": "git"}, {"version": "16295bec6398a3eedc9377e1af6ff4c71b98c300", "lessThan": "c9c1334697301c10e6918d747ed38abfbc0c96e7", "status": "affected", "versionType": "git"}, {"version": "16295bec6398a3eedc9377e1af6ff4c71b98c300", "lessThan": "e97bf4ada7dddacd184c3e196bd063b0dc71b41d", "status": "affected", "versionType": "git"}, {"version": "16295bec6398a3eedc9377e1af6ff4c71b98c300", "lessThan": "546c1796ad1ed0d87dab3c4b5156d75819be2316", "status": "affected", "versionType": "git"}, {"version": "16295bec6398a3eedc9377e1af6ff4c71b98c300", "lessThan": "c55fc098fd9d2dca475b82d00ffbcaf97879d77e", "status": "affected", "versionType": "git"}, {"version": "16295bec6398a3eedc9377e1af6ff4c71b98c300", "lessThan": "e134f3aba98e6c801a693f540912c2d493718ddf", "status": "affected", "versionType": "git"}, {"version": "16295bec6398a3eedc9377e1af6ff4c71b98c300", "lessThan": "372636debe852913529b1716f44addd94fff2d28", "status": "affected", "versionType": "git"}, {"version": "16295bec6398a3eedc9377e1af6ff4c71b98c300", "lessThan": "8f4f68e788c3a7a696546291258bfa5fdb215523", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["crypto/pcrypt.c", "kernel/padata.c"], "versions": [{"version": "2.6.34", "status": "affected"}, {"version": "0", "lessThan": "2.6.34", "status": "unaffected", "versionType": "semver"}, {"version": "4.14.331", "lessThanOrEqual": "4.14.*", "status": "unaffected", "versionType": "semver"}, {"version": "4.19.300", "lessThanOrEqual": "4.19.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.262", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.202", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.140", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.64", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.5.13", "lessThanOrEqual": "6.5.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.3", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.7", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.34", "versionEndExcluding": "4.14.331"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.34", "versionEndExcluding": "4.19.300"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.34", "versionEndExcluding": "5.4.262"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.34", "versionEndExcluding": "5.10.202"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.34", "versionEndExcluding": "5.15.140"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.34", "versionEndExcluding": "6.1.64"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.34", "versionEndExcluding": "6.5.13"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.34", "versionEndExcluding": "6.6.3"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "2.6.34", "versionEndExcluding": "6.7"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/fb2d3a50a8f29a3c66682bb426144f40e32ab818"}, {"url": "https://git.kernel.org/stable/c/039fec48e062504f14845124a1a25eb199b2ddc0"}, {"url": "https://git.kernel.org/stable/c/c9c1334697301c10e6918d747ed38abfbc0c96e7"}, {"url": "https://git.kernel.org/stable/c/e97bf4ada7dddacd184c3e196bd063b0dc71b41d"}, {"url": "https://git.kernel.org/stable/c/546c1796ad1ed0d87dab3c4b5156d75819be2316"}, {"url": "https://git.kernel.org/stable/c/c55fc098fd9d2dca475b82d00ffbcaf97879d77e"}, {"url": "https://git.kernel.org/stable/c/e134f3aba98e6c801a693f540912c2d493718ddf"}, {"url": "https://git.kernel.org/stable/c/372636debe852913529b1716f44addd94fff2d28"}, {"url": "https://git.kernel.org/stable/c/8f4f68e788c3a7a696546291258bfa5fdb215523"}], "title": "crypto: pcrypt - Fix hungtask for PADATA_RESET", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52813", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-23T17:18:51.048604Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-04T17:24:13.216Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:11:36.058Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/fb2d3a50a8f29a3c66682bb426144f40e32ab818", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/039fec48e062504f14845124a1a25eb199b2ddc0", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c9c1334697301c10e6918d747ed38abfbc0c96e7", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e97bf4ada7dddacd184c3e196bd063b0dc71b41d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/546c1796ad1ed0d87dab3c4b5156d75819be2316", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c55fc098fd9d2dca475b82d00ffbcaf97879d77e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e134f3aba98e6c801a693f540912c2d493718ddf", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/372636debe852913529b1716f44addd94fff2d28", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8f4f68e788c3a7a696546291258bfa5fdb215523", "tags": ["x_transferred"]}]}]}}

{

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

cveMetadata : { »

cveId : CVE-2023-52813 (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

state : PUBLISHED (string)

assignerShortName : Linux (string)

dateReserved : 2024-05-21T15:19:24.248Z (string)

datePublished : 2024-05-21T15:31:21.604Z (string)

dateUpdated : 2025-07-15T15:43:50.801Z (string)

}

containers : { »

cna : { »

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2025-07-15T15:43:50.801Z (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Fix hungtask for PADATA_RESET We found a hungtask bug in test_aead_vec_cfg as follows: INFO: task cryptomgr_test:391009 blocked for more than 120 seconds. "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. Call trace: __switch_to+0x98/0xe0 __schedule+0x6c4/0xf40 schedule+0xd8/0x1b4 schedule_timeout+0x474/0x560 wait_for_common+0x368/0x4e0 wait_for_completion+0x20/0x30 wait_for_completion+0x20/0x30 test_aead_vec_cfg+0xab4/0xd50 test_aead+0x144/0x1f0 alg_test_aead+0xd8/0x1e0 alg_test+0x634/0x890 cryptomgr_test+0x40/0x70 kthread+0x1e0/0x220 ret_from_fork+0x10/0x18 Kernel panic - not syncing: hung_task: blocked tasks For padata_do_parallel, when the return err is 0 or -EBUSY, it will call wait_for_completion(&wait->completion) in test_aead_vec_cfg. In normal case, aead_request_complete() will be called in pcrypt_aead_serial and the return err is 0 for padata_do_parallel. But, when pinst->flags is PADATA_RESET, the return err is -EBUSY for padata_do_parallel, and it won't call aead_request_complete(). Therefore, test_aead_vec_cfg will hung at wait_for_completion(&wait->completion), which will cause hungtask. The problem comes as following: (padata_do_parallel) | rcu_read_lock_bh(); | err = -EINVAL; | (padata_replace) | pinst->flags |= PADATA_RESET; err = -EBUSY | if (pinst->flags & PADATA_RESET) | rcu_read_unlock_bh() | return err In order to resolve the problem, we replace the return err -EBUSY with -EAGAIN, which means parallel_data is changing, and the caller should call it again. v3: remove retry and just change the return err. v2: introduce padata_try_do_parallel() in pcrypt_aead_encrypt and pcrypt_aead_decrypt to solve the hungtask. (string)

}

]

affected : [ »

0 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : unaffected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : crypto/pcrypt.c (string)

1 : kernel/padata.c (string)

]

versions : [ »

0 : { »

version : 16295bec6398a3eedc9377e1af6ff4c71b98c300 (string)

lessThan : fb2d3a50a8f29a3c66682bb426144f40e32ab818 (string)

status : affected (string)

versionType : git (string)

}

1 : { »

version : 16295bec6398a3eedc9377e1af6ff4c71b98c300 (string)

lessThan : 039fec48e062504f14845124a1a25eb199b2ddc0 (string)

status : affected (string)

versionType : git (string)

}

2 : { »

version : 16295bec6398a3eedc9377e1af6ff4c71b98c300 (string)

lessThan : c9c1334697301c10e6918d747ed38abfbc0c96e7 (string)

status : affected (string)

versionType : git (string)

}

3 : { »

version : 16295bec6398a3eedc9377e1af6ff4c71b98c300 (string)

lessThan : e97bf4ada7dddacd184c3e196bd063b0dc71b41d (string)

status : affected (string)

versionType : git (string)

}

4 : { »

version : 16295bec6398a3eedc9377e1af6ff4c71b98c300 (string)

lessThan : 546c1796ad1ed0d87dab3c4b5156d75819be2316 (string)

status : affected (string)

versionType : git (string)

}

5 : { »

version : 16295bec6398a3eedc9377e1af6ff4c71b98c300 (string)

lessThan : c55fc098fd9d2dca475b82d00ffbcaf97879d77e (string)

status : affected (string)

versionType : git (string)

}

6 : { »

version : 16295bec6398a3eedc9377e1af6ff4c71b98c300 (string)

lessThan : e134f3aba98e6c801a693f540912c2d493718ddf (string)

status : affected (string)

versionType : git (string)

}

7 : { »

version : 16295bec6398a3eedc9377e1af6ff4c71b98c300 (string)

lessThan : 372636debe852913529b1716f44addd94fff2d28 (string)

status : affected (string)

versionType : git (string)

}

8 : { »

version : 16295bec6398a3eedc9377e1af6ff4c71b98c300 (string)

lessThan : 8f4f68e788c3a7a696546291258bfa5fdb215523 (string)

status : affected (string)

versionType : git (string)

}

]

}

1 : { »

product : Linux (string)

vendor : Linux (string)

defaultStatus : affected (string)

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

programFiles : [ »

0 : crypto/pcrypt.c (string)

1 : kernel/padata.c (string)

]

versions : [ »

0 : { »

version : 2.6.34 (string)

status : affected (string)

}

1 : { »

version : 0 (string)

lessThan : 2.6.34 (string)

status : unaffected (string)

versionType : semver (string)

}

2 : { »

version : 4.14.331 (string)

lessThanOrEqual : 4.14.* (string)

status : unaffected (string)

versionType : semver (string)

}

3 : { »

version : 4.19.300 (string)

lessThanOrEqual : 4.19.* (string)

status : unaffected (string)

versionType : semver (string)

}

4 : { »

version : 5.4.262 (string)

lessThanOrEqual : 5.4.* (string)

status : unaffected (string)

versionType : semver (string)

}

5 : { »

version : 5.10.202 (string)

lessThanOrEqual : 5.10.* (string)

status : unaffected (string)

versionType : semver (string)

}

6 : { »

version : 5.15.140 (string)

lessThanOrEqual : 5.15.* (string)

status : unaffected (string)

versionType : semver (string)

}

7 : { »

version : 6.1.64 (string)

lessThanOrEqual : 6.1.* (string)

status : unaffected (string)

versionType : semver (string)

}

8 : { »

version : 6.5.13 (string)

lessThanOrEqual : 6.5.* (string)

status : unaffected (string)

versionType : semver (string)

}

9 : { »

version : 6.6.3 (string)

lessThanOrEqual : 6.6.* (string)

status : unaffected (string)

versionType : semver (string)

}

10 : { »

version : 6.7 (string)

lessThanOrEqual : * (string)

status : unaffected (string)

versionType : original_commit_for_fix (string)

}

]

}

]

cpeApplicability : [ »

0 : { »

nodes : [ »

0 : { »

operator : OR (string)

negate : false (boolean)

cpeMatch : [ »

0 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.34 (string)

versionEndExcluding : 4.14.331 (string)

}

1 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.34 (string)

versionEndExcluding : 4.19.300 (string)

}

2 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.34 (string)

versionEndExcluding : 5.4.262 (string)

}

3 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.34 (string)

versionEndExcluding : 5.10.202 (string)

}

4 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.34 (string)

versionEndExcluding : 5.15.140 (string)

}

5 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.34 (string)

versionEndExcluding : 6.1.64 (string)

}

6 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.34 (string)

versionEndExcluding : 6.5.13 (string)

}

7 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.34 (string)

versionEndExcluding : 6.6.3 (string)

}

8 : { »

vulnerable : true (boolean)

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

versionStartIncluding : 2.6.34 (string)

versionEndExcluding : 6.7 (string)

}

]

}

]

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/fb2d3a50a8f29a3c66682bb426144f40e32ab818 (string)

}

1 : { »

url : https://git.kernel.org/stable/c/039fec48e062504f14845124a1a25eb199b2ddc0 (string)

}

2 : { »

url : https://git.kernel.org/stable/c/c9c1334697301c10e6918d747ed38abfbc0c96e7 (string)

}

3 : { »

url : https://git.kernel.org/stable/c/e97bf4ada7dddacd184c3e196bd063b0dc71b41d (string)

}

4 : { »

url : https://git.kernel.org/stable/c/546c1796ad1ed0d87dab3c4b5156d75819be2316 (string)

}

5 : { »

url : https://git.kernel.org/stable/c/c55fc098fd9d2dca475b82d00ffbcaf97879d77e (string)

}

6 : { »

url : https://git.kernel.org/stable/c/e134f3aba98e6c801a693f540912c2d493718ddf (string)

}

7 : { »

url : https://git.kernel.org/stable/c/372636debe852913529b1716f44addd94fff2d28 (string)

}

8 : { »

url : https://git.kernel.org/stable/c/8f4f68e788c3a7a696546291258bfa5fdb215523 (string)

}

]

title : crypto: pcrypt - Fix hungtask for PADATA_RESET (string)

x_generator : { »

engine : bippy-1.2.0 (string)

}

adp : [ »

0 : { »

title : CISA ADP Vulnrichment (string)

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2023-52813 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-05-23T17:18:51.048604Z (string)

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-06-04T17:24:13.216Z (string)

}

1 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T23:11:36.058Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/fb2d3a50a8f29a3c66682bb426144f40e32ab818 (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/039fec48e062504f14845124a1a25eb199b2ddc0 (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/c9c1334697301c10e6918d747ed38abfbc0c96e7 (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/e97bf4ada7dddacd184c3e196bd063b0dc71b41d (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/546c1796ad1ed0d87dab3c4b5156d75819be2316 (string)

tags : [ »

0 : x_transferred (string)

]

}

5 : { »

url : https://git.kernel.org/stable/c/c55fc098fd9d2dca475b82d00ffbcaf97879d77e (string)

tags : [ »

0 : x_transferred (string)

]

}

6 : { »

url : https://git.kernel.org/stable/c/e134f3aba98e6c801a693f540912c2d493718ddf (string)

tags : [ »

0 : x_transferred (string)

]

}

7 : { »

url : https://git.kernel.org/stable/c/372636debe852913529b1716f44addd94fff2d28 (string)

tags : [ »

0 : x_transferred (string)

]

}

8 : { »

url : https://git.kernel.org/stable/c/8f4f68e788c3a7a696546291258bfa5fdb215523 (string)

tags : [ »

0 : x_transferred (string)

]

}

]

}

]

}

Show plain JSON

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/fb2d3a50a8f29a3c66682bb426144f40e32ab818", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/039fec48e062504f14845124a1a25eb199b2ddc0", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c9c1334697301c10e6918d747ed38abfbc0c96e7", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e97bf4ada7dddacd184c3e196bd063b0dc71b41d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/546c1796ad1ed0d87dab3c4b5156d75819be2316", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/c55fc098fd9d2dca475b82d00ffbcaf97879d77e", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/e134f3aba98e6c801a693f540912c2d493718ddf", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/372636debe852913529b1716f44addd94fff2d28", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/8f4f68e788c3a7a696546291258bfa5fdb215523", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T23:11:36.058Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-52813", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-23T17:18:51.048604Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-23T17:19:02.984Z"}, "title": "CISA ADP Vulnrichment"}], "cna": {"title": "crypto: pcrypt - Fix hungtask for PADATA_RESET", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "16295bec6398a3eedc9377e1af6ff4c71b98c300", "lessThan": "fb2d3a50a8f29a3c66682bb426144f40e32ab818", "versionType": "git"}, {"status": "affected", "version": "16295bec6398a3eedc9377e1af6ff4c71b98c300", "lessThan": "039fec48e062504f14845124a1a25eb199b2ddc0", "versionType": "git"}, {"status": "affected", "version": "16295bec6398a3eedc9377e1af6ff4c71b98c300", "lessThan": "c9c1334697301c10e6918d747ed38abfbc0c96e7", "versionType": "git"}, {"status": "affected", "version": "16295bec6398a3eedc9377e1af6ff4c71b98c300", "lessThan": "e97bf4ada7dddacd184c3e196bd063b0dc71b41d", "versionType": "git"}, {"status": "affected", "version": "16295bec6398a3eedc9377e1af6ff4c71b98c300", "lessThan": "546c1796ad1ed0d87dab3c4b5156d75819be2316", "versionType": "git"}, {"status": "affected", "version": "16295bec6398a3eedc9377e1af6ff4c71b98c300", "lessThan": "c55fc098fd9d2dca475b82d00ffbcaf97879d77e", "versionType": "git"}, {"status": "affected", "version": "16295bec6398a3eedc9377e1af6ff4c71b98c300", "lessThan": "e134f3aba98e6c801a693f540912c2d493718ddf", "versionType": "git"}, {"status": "affected", "version": "16295bec6398a3eedc9377e1af6ff4c71b98c300", "lessThan": "372636debe852913529b1716f44addd94fff2d28", "versionType": "git"}, {"status": "affected", "version": "16295bec6398a3eedc9377e1af6ff4c71b98c300", "lessThan": "8f4f68e788c3a7a696546291258bfa5fdb215523", "versionType": "git"}], "programFiles": ["crypto/pcrypt.c", "kernel/padata.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "2.6.34"}, {"status": "unaffected", "version": "0", "lessThan": "2.6.34", "versionType": "semver"}, {"status": "unaffected", "version": "4.14.331", "versionType": "semver", "lessThanOrEqual": "4.14.*"}, {"status": "unaffected", "version": "4.19.300", "versionType": "semver", "lessThanOrEqual": "4.19.*"}, {"status": "unaffected", "version": "5.4.262", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.202", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.140", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.64", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.5.13", "versionType": "semver", "lessThanOrEqual": "6.5.*"}, {"status": "unaffected", "version": "6.6.3", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.7", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["crypto/pcrypt.c", "kernel/padata.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/fb2d3a50a8f29a3c66682bb426144f40e32ab818"}, {"url": "https://git.kernel.org/stable/c/039fec48e062504f14845124a1a25eb199b2ddc0"}, {"url": "https://git.kernel.org/stable/c/c9c1334697301c10e6918d747ed38abfbc0c96e7"}, {"url": "https://git.kernel.org/stable/c/e97bf4ada7dddacd184c3e196bd063b0dc71b41d"}, {"url": "https://git.kernel.org/stable/c/546c1796ad1ed0d87dab3c4b5156d75819be2316"}, {"url": "https://git.kernel.org/stable/c/c55fc098fd9d2dca475b82d00ffbcaf97879d77e"}, {"url": "https://git.kernel.org/stable/c/e134f3aba98e6c801a693f540912c2d493718ddf"}, {"url": "https://git.kernel.org/stable/c/372636debe852913529b1716f44addd94fff2d28"}, {"url": "https://git.kernel.org/stable/c/8f4f68e788c3a7a696546291258bfa5fdb215523"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: pcrypt - Fix hungtask for PADATA_RESET\n\nWe found a hungtask bug in test_aead_vec_cfg as follows:\n\nINFO: task cryptomgr_test:391009 blocked for more than 120 seconds.\n\"echo 0 > /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\nCall trace:\n __switch_to+0x98/0xe0\n __schedule+0x6c4/0xf40\n schedule+0xd8/0x1b4\n schedule_timeout+0x474/0x560\n wait_for_common+0x368/0x4e0\n wait_for_completion+0x20/0x30\n wait_for_completion+0x20/0x30\n test_aead_vec_cfg+0xab4/0xd50\n test_aead+0x144/0x1f0\n alg_test_aead+0xd8/0x1e0\n alg_test+0x634/0x890\n cryptomgr_test+0x40/0x70\n kthread+0x1e0/0x220\n ret_from_fork+0x10/0x18\n Kernel panic - not syncing: hung_task: blocked tasks\n\nFor padata_do_parallel, when the return err is 0 or -EBUSY, it will call\nwait_for_completion(&wait->completion) in test_aead_vec_cfg. In normal\ncase, aead_request_complete() will be called in pcrypt_aead_serial and the\nreturn err is 0 for padata_do_parallel. But, when pinst->flags is\nPADATA_RESET, the return err is -EBUSY for padata_do_parallel, and it\nwon't call aead_request_complete(). Therefore, test_aead_vec_cfg will\nhung at wait_for_completion(&wait->completion), which will cause\nhungtask.\n\nThe problem comes as following:\n(padata_do_parallel)                 |\n    rcu_read_lock_bh();              |\n    err = -EINVAL;                   |   (padata_replace)\n                                     |     pinst->flags |= PADATA_RESET;\n    err = -EBUSY                     |\n    if (pinst->flags & PADATA_RESET) |\n        rcu_read_unlock_bh()         |\n        return err\n\nIn order to resolve the problem, we replace the return err -EBUSY with\n-EAGAIN, which means parallel_data is changing, and the caller should call\nit again.\n\nv3:\nremove retry and just change the return err.\nv2:\nintroduce padata_try_do_parallel() in pcrypt_aead_encrypt and\npcrypt_aead_decrypt to solve the hungtask."}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.14.331", "versionStartIncluding": "2.6.34"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "4.19.300", "versionStartIncluding": "2.6.34"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.4.262", "versionStartIncluding": "2.6.34"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.10.202", "versionStartIncluding": "2.6.34"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.15.140", "versionStartIncluding": "2.6.34"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.1.64", "versionStartIncluding": "2.6.34"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.5.13", "versionStartIncluding": "2.6.34"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.6.3", "versionStartIncluding": "2.6.34"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.7", "versionStartIncluding": "2.6.34"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-07-15T15:43:50.801Z"}}}, "cveMetadata": {"cveId": "CVE-2023-52813", "state": "PUBLISHED", "dateUpdated": "2025-07-15T15:43:50.801Z", "dateReserved": "2024-05-21T15:19:24.248Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-21T15:31:21.604Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{

dataType : CVE_RECORD (string)

containers : { »

adp : [ »

0 : { »

title : CVE Program Container (string)

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/fb2d3a50a8f29a3c66682bb426144f40e32ab818 (string)

tags : [ »

0 : x_transferred (string)

]

}

1 : { »

url : https://git.kernel.org/stable/c/039fec48e062504f14845124a1a25eb199b2ddc0 (string)

tags : [ »

0 : x_transferred (string)

]

}

2 : { »

url : https://git.kernel.org/stable/c/c9c1334697301c10e6918d747ed38abfbc0c96e7 (string)

tags : [ »

0 : x_transferred (string)

]

}

3 : { »

url : https://git.kernel.org/stable/c/e97bf4ada7dddacd184c3e196bd063b0dc71b41d (string)

tags : [ »

0 : x_transferred (string)

]

}

4 : { »

url : https://git.kernel.org/stable/c/546c1796ad1ed0d87dab3c4b5156d75819be2316 (string)

tags : [ »

0 : x_transferred (string)

]

}

5 : { »

url : https://git.kernel.org/stable/c/c55fc098fd9d2dca475b82d00ffbcaf97879d77e (string)

tags : [ »

0 : x_transferred (string)

]

}

6 : { »

url : https://git.kernel.org/stable/c/e134f3aba98e6c801a693f540912c2d493718ddf (string)

tags : [ »

0 : x_transferred (string)

]

}

7 : { »

url : https://git.kernel.org/stable/c/372636debe852913529b1716f44addd94fff2d28 (string)

tags : [ »

0 : x_transferred (string)

]

}

8 : { »

url : https://git.kernel.org/stable/c/8f4f68e788c3a7a696546291258bfa5fdb215523 (string)

tags : [ »

0 : x_transferred (string)

]

}

]

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-02T23:11:36.058Z (string)

}

1 : { »

metrics : [ »

0 : { »

other : { »

type : ssvc (string)

content : { »

id : CVE-2023-52813 (string)

role : CISA Coordinator (string)

options : [ »

0 : { »

Exploitation : none (string)

}

1 : { »

Automatable : no (string)

}

2 : { »

Technical Impact : partial (string)

}

]

version : 2.0.3 (string)

timestamp : 2024-05-23T17:18:51.048604Z (string)

}

]

providerMetadata : { »

orgId : 134c704f-9b21-4f2e-91b3-4a467353bcc0 (string)

shortName : CISA-ADP (string)

dateUpdated : 2024-05-23T17:19:02.984Z (string)

}

title : CISA ADP Vulnrichment (string)

}

]

cna : { »

title : crypto: pcrypt - Fix hungtask for PADATA_RESET (string)

affected : [ »

0 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : 16295bec6398a3eedc9377e1af6ff4c71b98c300 (string)

lessThan : fb2d3a50a8f29a3c66682bb426144f40e32ab818 (string)

versionType : git (string)

}

1 : { »

status : affected (string)

version : 16295bec6398a3eedc9377e1af6ff4c71b98c300 (string)

lessThan : 039fec48e062504f14845124a1a25eb199b2ddc0 (string)

versionType : git (string)

}

2 : { »

status : affected (string)

version : 16295bec6398a3eedc9377e1af6ff4c71b98c300 (string)

lessThan : c9c1334697301c10e6918d747ed38abfbc0c96e7 (string)

versionType : git (string)

}

3 : { »

status : affected (string)

version : 16295bec6398a3eedc9377e1af6ff4c71b98c300 (string)

lessThan : e97bf4ada7dddacd184c3e196bd063b0dc71b41d (string)

versionType : git (string)

}

4 : { »

status : affected (string)

version : 16295bec6398a3eedc9377e1af6ff4c71b98c300 (string)

lessThan : 546c1796ad1ed0d87dab3c4b5156d75819be2316 (string)

versionType : git (string)

}

5 : { »

status : affected (string)

version : 16295bec6398a3eedc9377e1af6ff4c71b98c300 (string)

lessThan : c55fc098fd9d2dca475b82d00ffbcaf97879d77e (string)

versionType : git (string)

}

6 : { »

status : affected (string)

version : 16295bec6398a3eedc9377e1af6ff4c71b98c300 (string)

lessThan : e134f3aba98e6c801a693f540912c2d493718ddf (string)

versionType : git (string)

}

7 : { »

status : affected (string)

version : 16295bec6398a3eedc9377e1af6ff4c71b98c300 (string)

lessThan : 372636debe852913529b1716f44addd94fff2d28 (string)

versionType : git (string)

}

8 : { »

status : affected (string)

version : 16295bec6398a3eedc9377e1af6ff4c71b98c300 (string)

lessThan : 8f4f68e788c3a7a696546291258bfa5fdb215523 (string)

versionType : git (string)

}

]

programFiles : [ »

0 : crypto/pcrypt.c (string)

1 : kernel/padata.c (string)

]

defaultStatus : unaffected (string)

}

1 : { »

repo : https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git (string)

vendor : Linux (string)

product : Linux (string)

versions : [ »

0 : { »

status : affected (string)

version : 2.6.34 (string)

}

1 : { »

status : unaffected (string)

version : 0 (string)

lessThan : 2.6.34 (string)

versionType : semver (string)

}

2 : { »

status : unaffected (string)

version : 4.14.331 (string)

versionType : semver (string)

lessThanOrEqual : 4.14.* (string)

}

3 : { »

status : unaffected (string)

version : 4.19.300 (string)

versionType : semver (string)

lessThanOrEqual : 4.19.* (string)

}

4 : { »

status : unaffected (string)

version : 5.4.262 (string)

versionType : semver (string)

lessThanOrEqual : 5.4.* (string)

}

5 : { »

status : unaffected (string)

version : 5.10.202 (string)

versionType : semver (string)

lessThanOrEqual : 5.10.* (string)

}

6 : { »

status : unaffected (string)

version : 5.15.140 (string)

versionType : semver (string)

lessThanOrEqual : 5.15.* (string)

}

7 : { »

status : unaffected (string)

version : 6.1.64 (string)

versionType : semver (string)

lessThanOrEqual : 6.1.* (string)

}

8 : { »

status : unaffected (string)

version : 6.5.13 (string)

versionType : semver (string)

lessThanOrEqual : 6.5.* (string)

}

9 : { »

status : unaffected (string)

version : 6.6.3 (string)

versionType : semver (string)

lessThanOrEqual : 6.6.* (string)

}

10 : { »

status : unaffected (string)

version : 6.7 (string)

versionType : original_commit_for_fix (string)

lessThanOrEqual : * (string)

}

]

programFiles : [ »

0 : crypto/pcrypt.c (string)

1 : kernel/padata.c (string)

]

defaultStatus : affected (string)

}

]

references : [ »

0 : { »

url : https://git.kernel.org/stable/c/fb2d3a50a8f29a3c66682bb426144f40e32ab818 (string)

}

1 : { »

url : https://git.kernel.org/stable/c/039fec48e062504f14845124a1a25eb199b2ddc0 (string)

}

2 : { »

url : https://git.kernel.org/stable/c/c9c1334697301c10e6918d747ed38abfbc0c96e7 (string)

}

3 : { »

url : https://git.kernel.org/stable/c/e97bf4ada7dddacd184c3e196bd063b0dc71b41d (string)

}

4 : { »

url : https://git.kernel.org/stable/c/546c1796ad1ed0d87dab3c4b5156d75819be2316 (string)

}

5 : { »

url : https://git.kernel.org/stable/c/c55fc098fd9d2dca475b82d00ffbcaf97879d77e (string)

}

6 : { »

url : https://git.kernel.org/stable/c/e134f3aba98e6c801a693f540912c2d493718ddf (string)

}

7 : { »

url : https://git.kernel.org/stable/c/372636debe852913529b1716f44addd94fff2d28 (string)

}

8 : { »

url : https://git.kernel.org/stable/c/8f4f68e788c3a7a696546291258bfa5fdb215523 (string)

}

]

x_generator : { »

engine : bippy-1.2.0 (string)

}

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Fix hungtask for PADATA_RESET We found a hungtask bug in test_aead_vec_cfg as follows: INFO: task cryptomgr_test:391009 blocked for more than 120 seconds. "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. Call trace: __switch_to+0x98/0xe0 __schedule+0x6c4/0xf40 schedule+0xd8/0x1b4 schedule_timeout+0x474/0x560 wait_for_common+0x368/0x4e0 wait_for_completion+0x20/0x30 wait_for_completion+0x20/0x30 test_aead_vec_cfg+0xab4/0xd50 test_aead+0x144/0x1f0 alg_test_aead+0xd8/0x1e0 alg_test+0x634/0x890 cryptomgr_test+0x40/0x70 kthread+0x1e0/0x220 ret_from_fork+0x10/0x18 Kernel panic - not syncing: hung_task: blocked tasks For padata_do_parallel, when the return err is 0 or -EBUSY, it will call wait_for_completion(&wait->completion) in test_aead_vec_cfg. In normal case, aead_request_complete() will be called in pcrypt_aead_serial and the return err is 0 for padata_do_parallel. But, when pinst->flags is PADATA_RESET, the return err is -EBUSY for padata_do_parallel, and it won't call aead_request_complete(). Therefore, test_aead_vec_cfg will hung at wait_for_completion(&wait->completion), which will cause hungtask. The problem comes as following: (padata_do_parallel) | rcu_read_lock_bh(); | err = -EINVAL; | (padata_replace) | pinst->flags |= PADATA_RESET; err = -EBUSY | if (pinst->flags & PADATA_RESET) | rcu_read_unlock_bh() | return err In order to resolve the problem, we replace the return err -EBUSY with -EAGAIN, which means parallel_data is changing, and the caller should call it again. v3: remove retry and just change the return err. v2: introduce padata_try_do_parallel() in pcrypt_aead_encrypt and pcrypt_aead_decrypt to solve the hungtask. (string)

}

]

cpeApplicability : [ »

0 : { »

nodes : [ »

0 : { »

negate : false (boolean)

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 4.14.331 (string)

versionStartIncluding : 2.6.34 (string)

}

1 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 4.19.300 (string)

versionStartIncluding : 2.6.34 (string)

}

2 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.4.262 (string)

versionStartIncluding : 2.6.34 (string)

}

3 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.10.202 (string)

versionStartIncluding : 2.6.34 (string)

}

4 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 5.15.140 (string)

versionStartIncluding : 2.6.34 (string)

}

5 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 6.1.64 (string)

versionStartIncluding : 2.6.34 (string)

}

6 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 6.5.13 (string)

versionStartIncluding : 2.6.34 (string)

}

7 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 6.6.3 (string)

versionStartIncluding : 2.6.34 (string)

}

8 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

vulnerable : true (boolean)

versionEndExcluding : 6.7 (string)

versionStartIncluding : 2.6.34 (string)

}

]

operator : OR (string)

}

]

}

]

providerMetadata : { »

orgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

shortName : Linux (string)

dateUpdated : 2025-07-15T15:43:50.801Z (string)

}

cveMetadata : { »

cveId : CVE-2023-52813 (string)

state : PUBLISHED (string)

dateUpdated : 2025-07-15T15:43:50.801Z (string)

dateReserved : 2024-05-21T15:19:24.248Z (string)

assignerOrgId : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

datePublished : 2024-05-21T15:31:21.604Z (string)

assignerShortName : Linux (string)

}

dataVersion : 5.1 (string)

}

Show plain JSON

{"descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: pcrypt - Fix hungtask for PADATA_RESET\n\nWe found a hungtask bug in test_aead_vec_cfg as follows:\n\nINFO: task cryptomgr_test:391009 blocked for more than 120 seconds.\n\"echo 0 > /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\nCall trace:\n __switch_to+0x98/0xe0\n __schedule+0x6c4/0xf40\n schedule+0xd8/0x1b4\n schedule_timeout+0x474/0x560\n wait_for_common+0x368/0x4e0\n wait_for_completion+0x20/0x30\n wait_for_completion+0x20/0x30\n test_aead_vec_cfg+0xab4/0xd50\n test_aead+0x144/0x1f0\n alg_test_aead+0xd8/0x1e0\n alg_test+0x634/0x890\n cryptomgr_test+0x40/0x70\n kthread+0x1e0/0x220\n ret_from_fork+0x10/0x18\n Kernel panic - not syncing: hung_task: blocked tasks\n\nFor padata_do_parallel, when the return err is 0 or -EBUSY, it will call\nwait_for_completion(&wait->completion) in test_aead_vec_cfg. In normal\ncase, aead_request_complete() will be called in pcrypt_aead_serial and the\nreturn err is 0 for padata_do_parallel. But, when pinst->flags is\nPADATA_RESET, the return err is -EBUSY for padata_do_parallel, and it\nwon't call aead_request_complete(). Therefore, test_aead_vec_cfg will\nhung at wait_for_completion(&wait->completion), which will cause\nhungtask.\n\nThe problem comes as following:\n(padata_do_parallel)                 |\n    rcu_read_lock_bh();              |\n    err = -EINVAL;                   |   (padata_replace)\n                                     |     pinst->flags |= PADATA_RESET;\n    err = -EBUSY                     |\n    if (pinst->flags & PADATA_RESET) |\n        rcu_read_unlock_bh()         |\n        return err\n\nIn order to resolve the problem, we replace the return err -EBUSY with\n-EAGAIN, which means parallel_data is changing, and the caller should call\nit again.\n\nv3:\nremove retry and just change the return err.\nv2:\nintroduce padata_try_do_parallel() in pcrypt_aead_encrypt and\npcrypt_aead_decrypt to solve the hungtask."}, {"lang": "es", "value": "En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: crypto: pcrypt - Reparar hungtask para PADATA_RESET. Encontramos un error de hungtask en test_aead_vec_cfg de la siguiente manera: INFORMACI\u00d3N: tarea cryptomgr_test:391009 bloqueada durante m\u00e1s de 120 segundos. \"echo 0 &gt; /proc/sys/kernel/hung_task_timeout_secs\" desactiva este mensaje. Seguimiento de llamadas: __switch_to+0x98/0xe0 __schedule+0x6c4/0xf40 Schedule+0xd8/0x1b4 Schedule_timeout+0x474/0x560 wait_for_common+0x368/0x4e0 wait_for_completion+0x20/0x30 wait_for_completion+0x20/0x30 test_aead_ve c_cfg+0xab4/0xd50 test_aead+0x144/0x1f0 alg_test_aead+ 0xd8/0x1e0 alg_test+0x634/0x890 cryptomgr_test+0x40/0x70 kthread+0x1e0/0x220 ret_from_fork+0x10/0x18 kernel panic - no syncing: hung_task: tareas bloqueadas para el error for_completion (&amp;esperar-&gt;finalizaci\u00f3n) en test_aead_vec_cfg. En caso normal, se llamar\u00e1 aead_request_complete() en pcrypt_aead_serial y el error de retorno es 0 para padata_do_parallel. Pero, cuando pinst-&gt;flags es PADATA_RESET, el error de retorno es -EBUSY para padata_do_parallel y no llamar\u00e1 a aead_request_complete(). Por lo tanto, test_aead_vec_cfg se colgar\u00e1 en wait_for_completion(&amp;wait-&gt;completion), lo que provocar\u00e1 que se cuelgue la tarea. El problema viene de la siguiente manera: (padata_do_parallel) | rcu_read_lock_bh(); | err = -EINVAL; | (padata_replace) | pinst-&gt;flags |= PADATA_RESET; err = -EBUSY | si (pinst-&gt;flags &amp; PADATA_RESET) | rcu_read_unlock_bh() | return err Para resolver el problema, reemplazamos el retorno err -EBUSY con -EAGAIN, lo que significa que los datos_paralelos est\u00e1n cambiando y la persona que llama debe llamarlo nuevamente. v3: elimine el reintento y simplemente cambie el error de devoluci\u00f3n. v2: introduce padata_try_do_parallel() en pcrypt_aead_encrypt y pcrypt_aead_decrypt para resolver la tarea colgada."}], "id": "CVE-2023-52813", "lastModified": "2024-11-21T08:40:38.687", "metrics": {}, "published": "2024-05-21T16:15:19.477", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/039fec48e062504f14845124a1a25eb199b2ddc0"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/372636debe852913529b1716f44addd94fff2d28"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/546c1796ad1ed0d87dab3c4b5156d75819be2316"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/8f4f68e788c3a7a696546291258bfa5fdb215523"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/c55fc098fd9d2dca475b82d00ffbcaf97879d77e"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/c9c1334697301c10e6918d747ed38abfbc0c96e7"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/e134f3aba98e6c801a693f540912c2d493718ddf"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/e97bf4ada7dddacd184c3e196bd063b0dc71b41d"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/fb2d3a50a8f29a3c66682bb426144f40e32ab818"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/039fec48e062504f14845124a1a25eb199b2ddc0"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/372636debe852913529b1716f44addd94fff2d28"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/546c1796ad1ed0d87dab3c4b5156d75819be2316"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/8f4f68e788c3a7a696546291258bfa5fdb215523"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/c55fc098fd9d2dca475b82d00ffbcaf97879d77e"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/c9c1334697301c10e6918d747ed38abfbc0c96e7"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/e134f3aba98e6c801a693f540912c2d493718ddf"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/e97bf4ada7dddacd184c3e196bd063b0dc71b41d"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/fb2d3a50a8f29a3c66682bb426144f40e32ab818"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{

descriptions : [ »

0 : { »

lang : en (string)

value : In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Fix hungtask for PADATA_RESET We found a hungtask bug in test_aead_vec_cfg as follows: INFO: task cryptomgr_test:391009 blocked for more than 120 seconds. "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. Call trace: __switch_to+0x98/0xe0 __schedule+0x6c4/0xf40 schedule+0xd8/0x1b4 schedule_timeout+0x474/0x560 wait_for_common+0x368/0x4e0 wait_for_completion+0x20/0x30 wait_for_completion+0x20/0x30 test_aead_vec_cfg+0xab4/0xd50 test_aead+0x144/0x1f0 alg_test_aead+0xd8/0x1e0 alg_test+0x634/0x890 cryptomgr_test+0x40/0x70 kthread+0x1e0/0x220 ret_from_fork+0x10/0x18 Kernel panic - not syncing: hung_task: blocked tasks For padata_do_parallel, when the return err is 0 or -EBUSY, it will call wait_for_completion(&wait->completion) in test_aead_vec_cfg. In normal case, aead_request_complete() will be called in pcrypt_aead_serial and the return err is 0 for padata_do_parallel. But, when pinst->flags is PADATA_RESET, the return err is -EBUSY for padata_do_parallel, and it won't call aead_request_complete(). Therefore, test_aead_vec_cfg will hung at wait_for_completion(&wait->completion), which will cause hungtask. The problem comes as following: (padata_do_parallel) | rcu_read_lock_bh(); | err = -EINVAL; | (padata_replace) | pinst->flags |= PADATA_RESET; err = -EBUSY | if (pinst->flags & PADATA_RESET) | rcu_read_unlock_bh() | return err In order to resolve the problem, we replace the return err -EBUSY with -EAGAIN, which means parallel_data is changing, and the caller should call it again. v3: remove retry and just change the return err. v2: introduce padata_try_do_parallel() in pcrypt_aead_encrypt and pcrypt_aead_decrypt to solve the hungtask. (string)

}

1 : { »

lang : es (string)

value : En el kernel de Linux, se resolvió la siguiente vulnerabilidad: crypto: pcrypt - Reparar hungtask para PADATA_RESET. Encontramos un error de hungtask en test_aead_vec_cfg de la siguiente manera: INFORMACIÓN: tarea cryptomgr_test:391009 bloqueada durante más de 120 segundos. "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" desactiva este mensaje. Seguimiento de llamadas: __switch_to+0x98/0xe0 __schedule+0x6c4/0xf40 Schedule+0xd8/0x1b4 Schedule_timeout+0x474/0x560 wait_for_common+0x368/0x4e0 wait_for_completion+0x20/0x30 wait_for_completion+0x20/0x30 test_aead_ve c_cfg+0xab4/0xd50 test_aead+0x144/0x1f0 alg_test_aead+ 0xd8/0x1e0 alg_test+0x634/0x890 cryptomgr_test+0x40/0x70 kthread+0x1e0/0x220 ret_from_fork+0x10/0x18 kernel panic - no syncing: hung_task: tareas bloqueadas para el error for_completion (&esperar->finalización) en test_aead_vec_cfg. En caso normal, se llamará aead_request_complete() en pcrypt_aead_serial y el error de retorno es 0 para padata_do_parallel. Pero, cuando pinst->flags es PADATA_RESET, el error de retorno es -EBUSY para padata_do_parallel y no llamará a aead_request_complete(). Por lo tanto, test_aead_vec_cfg se colgará en wait_for_completion(&wait->completion), lo que provocará que se cuelgue la tarea. El problema viene de la siguiente manera: (padata_do_parallel) | rcu_read_lock_bh(); | err = -EINVAL; | (padata_replace) | pinst->flags |= PADATA_RESET; err = -EBUSY | si (pinst->flags & PADATA_RESET) | rcu_read_unlock_bh() | return err Para resolver el problema, reemplazamos el retorno err -EBUSY con -EAGAIN, lo que significa que los datos_paralelos están cambiando y la persona que llama debe llamarlo nuevamente. v3: elimine el reintento y simplemente cambie el error de devolución. v2: introduce padata_try_do_parallel() en pcrypt_aead_encrypt y pcrypt_aead_decrypt para resolver la tarea colgada. (string)

}

]

id : CVE-2023-52813 (string)

lastModified : 2024-11-21T08:40:38.687 (string)

metrics : { *empty* }

published : 2024-05-21T16:15:19.477 (string)

references : [ »

0 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/039fec48e062504f14845124a1a25eb199b2ddc0 (string)

}

1 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/372636debe852913529b1716f44addd94fff2d28 (string)

}

2 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/546c1796ad1ed0d87dab3c4b5156d75819be2316 (string)

}

3 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/8f4f68e788c3a7a696546291258bfa5fdb215523 (string)

}

4 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/c55fc098fd9d2dca475b82d00ffbcaf97879d77e (string)

}

5 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/c9c1334697301c10e6918d747ed38abfbc0c96e7 (string)

}

6 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/e134f3aba98e6c801a693f540912c2d493718ddf (string)

}

7 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/e97bf4ada7dddacd184c3e196bd063b0dc71b41d (string)

}

8 : { »

source : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

url : https://git.kernel.org/stable/c/fb2d3a50a8f29a3c66682bb426144f40e32ab818 (string)

}

9 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/039fec48e062504f14845124a1a25eb199b2ddc0 (string)

}

10 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/372636debe852913529b1716f44addd94fff2d28 (string)

}

11 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/546c1796ad1ed0d87dab3c4b5156d75819be2316 (string)

}

12 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/8f4f68e788c3a7a696546291258bfa5fdb215523 (string)

}

13 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/c55fc098fd9d2dca475b82d00ffbcaf97879d77e (string)

}

14 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/c9c1334697301c10e6918d747ed38abfbc0c96e7 (string)

}

15 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/e134f3aba98e6c801a693f540912c2d493718ddf (string)

}

16 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/e97bf4ada7dddacd184c3e196bd063b0dc71b41d (string)

}

17 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://git.kernel.org/stable/c/fb2d3a50a8f29a3c66682bb426144f40e32ab818 (string)

}

]

sourceIdentifier : 416baaa9-dc9f-4396-8d5f-8c081fb06d67 (string)

vulnStatus : Awaiting Analysis (string)

}

Show plain JSON

{"affected_release": [{"advisory": "RHSA-2024:4352", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-553.8.1.rt7.349.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-07-08T00:00:00Z"}, {"advisory": "RHSA-2024:4211", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-553.8.1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-07-02T00:00:00Z"}, {"advisory": "RHSA-2024:9315", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}, {"advisory": "RHSA-2024:9315", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-503.11.1.el9_5", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-11-12T00:00:00Z"}, {"advisory": "RHSA-2025:7526", "cpe": "cpe:/a:redhat:rhel_eus:9.4", "package": "kernel-0:5.14.0-427.68.1.el9_4", "product_name": "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date": "2025-05-14T00:00:00Z"}], "bugzilla": {"description": "kernel: crypto: pcrypt - Fix hungtask for PADATA_RESET", "id": "2282653", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282653"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-833", "details": ["In the Linux kernel, the following vulnerability has been resolved:\ncrypto: pcrypt - Fix hungtask for PADATA_RESET\nWe found a hungtask bug in test_aead_vec_cfg as follows:\nINFO: task cryptomgr_test:391009 blocked for more than 120 seconds.\n\"echo 0 > /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\nCall trace:\n__switch_to+0x98/0xe0\n__schedule+0x6c4/0xf40\nschedule+0xd8/0x1b4\nschedule_timeout+0x474/0x560\nwait_for_common+0x368/0x4e0\nwait_for_completion+0x20/0x30\nwait_for_completion+0x20/0x30\ntest_aead_vec_cfg+0xab4/0xd50\ntest_aead+0x144/0x1f0\nalg_test_aead+0xd8/0x1e0\nalg_test+0x634/0x890\ncryptomgr_test+0x40/0x70\nkthread+0x1e0/0x220\nret_from_fork+0x10/0x18\nKernel panic - not syncing: hung_task: blocked tasks\nFor padata_do_parallel, when the return err is 0 or -EBUSY, it will call\nwait_for_completion(&wait->completion) in test_aead_vec_cfg. In normal\ncase, aead_request_complete() will be called in pcrypt_aead_serial and the\nreturn err is 0 for padata_do_parallel. But, when pinst->flags is\nPADATA_RESET, the return err is -EBUSY for padata_do_parallel, and it\nwon't call aead_request_complete(). Therefore, test_aead_vec_cfg will\nhung at wait_for_completion(&wait->completion), which will cause\nhungtask.\nThe problem comes as following:\n(padata_do_parallel)                 |\nrcu_read_lock_bh();              |\nerr = -EINVAL;                   |   (padata_replace)\n|     pinst->flags |= PADATA_RESET;\nerr = -EBUSY                     |\nif (pinst->flags & PADATA_RESET) |\nrcu_read_unlock_bh()         |\nreturn err\nIn order to resolve the problem, we replace the return err -EBUSY with\n-EAGAIN, which means parallel_data is changing, and the caller should call\nit again.\nv3:\nremove retry and just change the return err.\nv2:\nintroduce padata_try_do_parallel() in pcrypt_aead_encrypt and\npcrypt_aead_decrypt to solve the hungtask."], "name": "CVE-2023-52813", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-21T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-52813\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-52813\nhttps://lore.kernel.org/linux-cve-announce/2024052103-CVE-2023-52813-0704@gregkh/T"], "threat_severity": "Low"}

{

affected_release : [ »

0 : { »

advisory : RHSA-2024:4352 (string)

cpe : cpe:/a:redhat:enterprise_linux:8::nfv (string)

package : kernel-rt-0:4.18.0-553.8.1.rt7.349.el8_10 (string)

product_name : Red Hat Enterprise Linux 8 (string)

release_date : 2024-07-08T00:00:00Z (string)

}

1 : { »

advisory : RHSA-2024:4211 (string)

cpe : cpe:/o:redhat:enterprise_linux:8 (string)

package : kernel-0:4.18.0-553.8.1.el8_10 (string)

product_name : Red Hat Enterprise Linux 8 (string)

release_date : 2024-07-02T00:00:00Z (string)

}

2 : { »

advisory : RHSA-2024:9315 (string)

cpe : cpe:/a:redhat:enterprise_linux:9 (string)

package : kernel-0:5.14.0-503.11.1.el9_5 (string)

product_name : Red Hat Enterprise Linux 9 (string)

release_date : 2024-11-12T00:00:00Z (string)

}

3 : { »

advisory : RHSA-2024:9315 (string)

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

package : kernel-0:5.14.0-503.11.1.el9_5 (string)

product_name : Red Hat Enterprise Linux 9 (string)

release_date : 2024-11-12T00:00:00Z (string)

}

4 : { »

advisory : RHSA-2025:7526 (string)

cpe : cpe:/a:redhat:rhel_eus:9.4 (string)

package : kernel-0:5.14.0-427.68.1.el9_4 (string)

product_name : Red Hat Enterprise Linux 9.4 Extended Update Support (string)

release_date : 2025-05-14T00:00:00Z (string)

}

]

bugzilla : { »

description : kernel: crypto: pcrypt - Fix hungtask for PADATA_RESET (string)

id : 2282653 (string)

url : https://bugzilla.redhat.com/show_bug.cgi?id=2282653 (string)

}

csaw : false (boolean)

cvss3 : { »

cvss3_base_score : 5.5 (string)

cvss3_scoring_vector : CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H (string)

status : verified (string)

}

cwe : CWE-833 (string)

details : [ »

0 : In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Fix hungtask for PADATA_RESET We found a hungtask bug in test_aead_vec_cfg as follows: INFO: task cryptomgr_test:391009 blocked for more than 120 seconds. "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. Call trace: __switch_to+0x98/0xe0 __schedule+0x6c4/0xf40 schedule+0xd8/0x1b4 schedule_timeout+0x474/0x560 wait_for_common+0x368/0x4e0 wait_for_completion+0x20/0x30 wait_for_completion+0x20/0x30 test_aead_vec_cfg+0xab4/0xd50 test_aead+0x144/0x1f0 alg_test_aead+0xd8/0x1e0 alg_test+0x634/0x890 cryptomgr_test+0x40/0x70 kthread+0x1e0/0x220 ret_from_fork+0x10/0x18 Kernel panic - not syncing: hung_task: blocked tasks For padata_do_parallel, when the return err is 0 or -EBUSY, it will call wait_for_completion(&wait->completion) in test_aead_vec_cfg. In normal case, aead_request_complete() will be called in pcrypt_aead_serial and the return err is 0 for padata_do_parallel. But, when pinst->flags is PADATA_RESET, the return err is -EBUSY for padata_do_parallel, and it won't call aead_request_complete(). Therefore, test_aead_vec_cfg will hung at wait_for_completion(&wait->completion), which will cause hungtask. The problem comes as following: (padata_do_parallel) | rcu_read_lock_bh(); | err = -EINVAL; | (padata_replace) | pinst->flags |= PADATA_RESET; err = -EBUSY | if (pinst->flags & PADATA_RESET) | rcu_read_unlock_bh() | return err In order to resolve the problem, we replace the return err -EBUSY with -EAGAIN, which means parallel_data is changing, and the caller should call it again. v3: remove retry and just change the return err. v2: introduce padata_try_do_parallel() in pcrypt_aead_encrypt and pcrypt_aead_decrypt to solve the hungtask. (string)

]

name : CVE-2023-52813 (string)

package_state : [ »

0 : { »

cpe : cpe:/o:redhat:enterprise_linux:6 (string)

fix_state : Not affected (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 6 (string)

}

1 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Out of support scope (string)

package_name : kernel (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

2 : { »

cpe : cpe:/o:redhat:enterprise_linux:7 (string)

fix_state : Out of support scope (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 7 (string)

}

3 : { »

cpe : cpe:/o:redhat:enterprise_linux:9 (string)

fix_state : Affected (string)

package_name : kernel-rt (string)

product_name : Red Hat Enterprise Linux 9 (string)

}

]

public_date : 2024-05-21T00:00:00Z (string)

references : [ »

0 : https://www.cve.org/CVERecord?id=CVE-2023-52813 https://nvd.nist.gov/vuln/detail/CVE-2023-52813 https://lore.kernel.org/linux-cve-announce/2024052103-CVE-2023-52813-0704@gregkh/T (string)

]

threat_severity : Low (string)

}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object