Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2023-52903
HistoryAug 21, 2024 - 12:00 a.m.

CVE-2023-52903

2024-08-2100:00:00
ubuntu.com
ubuntu.com
2
linux kernel
io_uring
lock overflow
iopoll
vulnerability

AI Score

7.6

Confidence

Low

EPSS

0

Percentile

5.1%

JSON

In the Linux kernel, the following vulnerability has been resolved:
io_uring: lock overflowing for IOPOLL
syzbot reports an issue with overflow filling for IOPOLL:
WARNING: CPU: 0 PID: 28 at io_uring/io_uring.c:734
io_cqring_event_overflow+0x1c0/0x230 io_uring/io_uring.c:734
CPU: 0 PID: 28 Comm: kworker/u4:1 Not tainted
6.2.0-rc3-syzkaller-16369-g358a161a6a9e #0
Workqueue: events_unbound io_ring_exit_work
Call trace:
Ā io_cqring_event_overflow+0x1c0/0x230 io_uring/io_uring.c:734
Ā io_req_cqe_overflow+0x5c/0x70 io_uring/io_uring.c:773
Ā io_fill_cqe_req io_uring/io_uring.h:168 [inline]
Ā io_do_iopoll+0x474/0x62c io_uring/rw.c:1065
Ā io_iopoll_try_reap_events+0x6c/0x108 io_uring/io_uring.c:1513
Ā io_uring_try_cancel_requests+0x13c/0x258 io_uring/io_uring.c:3056
Ā io_ring_exit_work+0xec/0x390 io_uring/io_uring.c:2869
Ā process_one_work+0x2d8/0x504 kernel/workqueue.c:2289
Ā worker_thread+0x340/0x610 kernel/workqueue.c:2436
Ā kthread+0x12c/0x158 kernel/kthread.c:376
Ā ret_from_fork+0x10/0x20 arch/arm64/kernel/entry.S:863
There is no real problem for normal IOPOLL as flush is also called with
uring_lock taken, but itā€™s getting more complicated for IOPOLL|SQPOLL,
for which __io_cqring_overflow_flush() happens from the CQ waiting path.

OSVersionArchitecturePackageVersionFilename
ubuntu20.04noarchlinux<Ā anyUNKNOWN
ubuntu22.04noarchlinux<Ā 5.15.0-70.77UNKNOWN
ubuntu20.04noarchlinux-aws<Ā anyUNKNOWN
ubuntu22.04noarchlinux-aws<Ā 5.15.0-1034.38UNKNOWN
ubuntu20.04noarchlinux-aws-5.15<Ā 5.15.0-1034.38~20.04.1UNKNOWN
ubuntu20.04noarchlinux-azure<Ā anyUNKNOWN
ubuntu22.04noarchlinux-azure<Ā 5.15.0-1036.43UNKNOWN
ubuntu20.04noarchlinux-azure-5.15<Ā 5.15.0-1036.43~20.04.1UNKNOWN
ubuntu22.04noarchlinux-azure-fde<Ā 5.15.0-1036.43.1UNKNOWN
ubuntu20.04noarchlinux-azure-fde-5.15<Ā 5.15.0-1036.43~20.04.1.1UNKNOWN
Rows per page:
1-10 of 361

Related

cvelist 1
vulnrichment 1
osv 1
debiancve 1
nvd 1
cve 1
redhatcve 1
cvelist
cvelist
CVE-2023-52903 io_uring: lock overflowing for IOPOLL
2024-08-21 06:10:43
vulnrichment
vulnrichment
CVE-2023-52903 io_uring: lock overflowing for IOPOLL
2024-08-21 06:10:43
osv
osv
CVE-2023-52903
2024-08-21 07:15:06
debiancve
debiancve
CVE-2023-52903
2024-08-21 07:15:06
nvd
nvd
CVE-2023-52903
2024-08-21 07:15:06
cve
cve
CVE-2023-52903
2024-08-21 07:15:06
redhatcve
redhatcve
CVE-2023-52903
2024-08-21 18:41:03

AI Score

7.6

Confidence

Low

EPSS

0

Percentile

5.1%

JSON
Related for UB:CVE-2023-52903
cvelist1vulnrichment1osv1debiancve1nvd1cve1redhatcve1