CVE-2023-52740

2024-05-2116:15:13

416baaa9-dc9f-4396-8d5f-8c081fb06d67

web.nvd.nist.gov

linux kernel

vulnerability resolved

rfi

stf

msr

irq

crash

6.8 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

15.6%

JSON

In the Linux kernel, the following vulnerability has been resolved:

powerpc/64s/interrupt: Fix interrupt exit race with security mitigation switch

The RFI and STF security mitigation options can flip the
interrupt_exit_not_reentrant static branch condition concurrently with
the interrupt exit code which tests that branch.

Interrupt exit tests this condition to set MSR[EE|RI] for exit, then
again in the case a soft-masked interrupt is found pending, to recover
the MSR so the interrupt can be replayed before attempting to exit
again. If the condition changes between these two tests, the MSR and irq
soft-mask state will become corrupted, leading to warnings and possible
crashes. For example, if the branch is initially true then false,
MSR[EE] will be 0 but PACA_IRQ_HARD_DIS clear and EE may not get
enabled, leading to warnings in irq_64.c.

Affected configurations

Vulners

Node

linuxlinux_kernelRange5.14–5.15.94

linuxlinux_kernelRange5.16.0–6.1.12

linuxlinux_kernelRange6.2.0≥

CNA Affected

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "arch/powerpc/kernel/interrupt.c"
    ],
    "versions": [
      {
        "version": "13799748b957",
        "lessThan": "86f7e4239336",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "13799748b957",
        "lessThan": "6f097c24815e",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "13799748b957",
        "lessThan": "2ea31e2e62bb",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "arch/powerpc/kernel/interrupt.c"
    ],
    "versions": [
      {
        "version": "5.14",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "5.14",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "5.15.94",
        "lessThanOrEqual": "5.15.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.1.12",
        "lessThanOrEqual": "6.1.*",
        "status": "unaffected",
        "versionType": "custom"
      },
      {
        "version": "6.2",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]