CVE - CVE-2023-52813

CVE-ID
CVE-2023-52813	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: crypto: pcrypt - Fix hungtask for PADATA_RESET We found a hungtask bug in test_aead_vec_cfg as follows: INFO: task cryptomgr_test:391009 blocked for more than 120 seconds. "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. Call trace: __switch_to+0x98/0xe0 __schedule+0x6c4/0xf40 schedule+0xd8/0x1b4 schedule_timeout+0x474/0x560 wait_for_common+0x368/0x4e0 wait_for_completion+0x20/0x30 wait_for_completion+0x20/0x30 test_aead_vec_cfg+0xab4/0xd50 test_aead+0x144/0x1f0 alg_test_aead+0xd8/0x1e0 alg_test+0x634/0x890 cryptomgr_test+0x40/0x70 kthread+0x1e0/0x220 ret_from_fork+0x10/0x18 Kernel panic - not syncing: hung_task: blocked tasks For padata_do_parallel, when the return err is 0 or -EBUSY, it will call wait_for_completion(&wait->completion) in test_aead_vec_cfg. In normal case, aead_request_complete() will be called in pcrypt_aead_serial and the return err is 0 for padata_do_parallel. But, when pinst->flags is PADATA_RESET, the return err is -EBUSY for padata_do_parallel, and it won't call aead_request_complete(). Therefore, test_aead_vec_cfg will hung at wait_for_completion(&wait->completion), which will cause hungtask. The problem comes as following: (padata_do_parallel) \| rcu_read_lock_bh(); \| err = -EINVAL; \| (padata_replace) \| pinst->flags \|= PADATA_RESET; err = -EBUSY \| if (pinst->flags & PADATA_RESET) \| rcu_read_unlock_bh() \| return err In order to resolve the problem, we replace the return err -EBUSY with -EAGAIN, which means parallel_data is changing, and the caller should call it again. v3: remove retry and just change the return err. v2: introduce padata_try_do_parallel() in pcrypt_aead_encrypt and pcrypt_aead_decrypt to solve the hungtask.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/039fec48e062504f14845124a1a25eb199b2ddc0 URL:https://git.kernel.org/stable/c/039fec48e062504f14845124a1a25eb199b2ddc0 MISC:https://git.kernel.org/stable/c/372636debe852913529b1716f44addd94fff2d28 URL:https://git.kernel.org/stable/c/372636debe852913529b1716f44addd94fff2d28 MISC:https://git.kernel.org/stable/c/546c1796ad1ed0d87dab3c4b5156d75819be2316 URL:https://git.kernel.org/stable/c/546c1796ad1ed0d87dab3c4b5156d75819be2316 MISC:https://git.kernel.org/stable/c/8f4f68e788c3a7a696546291258bfa5fdb215523 URL:https://git.kernel.org/stable/c/8f4f68e788c3a7a696546291258bfa5fdb215523 MISC:https://git.kernel.org/stable/c/c55fc098fd9d2dca475b82d00ffbcaf97879d77e URL:https://git.kernel.org/stable/c/c55fc098fd9d2dca475b82d00ffbcaf97879d77e MISC:https://git.kernel.org/stable/c/c9c1334697301c10e6918d747ed38abfbc0c96e7 URL:https://git.kernel.org/stable/c/c9c1334697301c10e6918d747ed38abfbc0c96e7 MISC:https://git.kernel.org/stable/c/e134f3aba98e6c801a693f540912c2d493718ddf URL:https://git.kernel.org/stable/c/e134f3aba98e6c801a693f540912c2d493718ddf MISC:https://git.kernel.org/stable/c/e97bf4ada7dddacd184c3e196bd063b0dc71b41d URL:https://git.kernel.org/stable/c/e97bf4ada7dddacd184c3e196bd063b0dc71b41d MISC:https://git.kernel.org/stable/c/fb2d3a50a8f29a3c66682bb426144f40e32ab818 URL:https://git.kernel.org/stable/c/fb2d3a50a8f29a3c66682bb426144f40e32ab818
Assigning CNA
kernel.org
Date Record Created
20240521	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240521)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)