Lucene search

Debian Security Bug TrackerDEBIANCVE:CVE-2023-52633

HistoryApr 02, 2024 - 7:15 a.m.

CVE-2023-52633

2024-04-0207:15:41

Debian Security Bug Tracker

security-tracker.debian.org

linux kernel

vulnerability

cve-2023-52633

time corruption

fix

time-travel

interrupts

adjustment

AI Score

6.9

Confidence

High

EPSS

Percentile

15.5%

JSON

In the Linux kernel, the following vulnerability has been resolved: um: time-travel: fix time corruption In ‘basic’ time-travel mode (without =inf-cpu or =ext), we still get timer interrupts. These can happen at arbitrary points in time, i.e. while in timer_read(), which pushes time forward just a little bit. Then, if we happen to get the interrupt after calculating the new time to push to, but before actually finishing that, the interrupt will set the time to a value that’s incompatible with the forward, and we’ll crash because time goes backwards when we do the forwarding. Fix this by reading the time_travel_time, calculating the adjustment, and doing the adjustment all with interrupts disabled.

OSVersionArchitecturePackageVersionFilename
Debian12alllinux< 6.1.82-1linux_6.1.82-1_all.deb
Debian11alllinux<= 5.10.223-1linux_5.10.223-1_all.deb
Debian999alllinux< 6.7.7-1linux_6.7.7-1_all.deb
Debian13alllinux< 6.7.7-1linux_6.7.7-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	linux	< 6.1.82-1	linux_6.1.82-1_all.deb
Debian	11	all	linux	<= 5.10.223-1	linux_5.10.223-1_all.deb
Debian	999	all	linux	< 6.7.7-1	linux_6.7.7-1_all.deb
Debian	13	all	linux	< 6.7.7-1	linux_6.7.7-1_all.deb