CVE-2023-52831

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> cpu/hotplug: Don&amp;#39;t offline the last non-isolated CPU<br /> <br /> If a system has isolated CPUs via the "isolcpus=" command line parameter,<br /> then an attempt to offline the last housekeeping CPU will result in a<br /> WARN_ON() when rebuilding the scheduler domains and a subsequent panic due<br /> to and unhandled empty CPU mas in partition_sched_domains_locked().<br /> <br /> cpuset_hotplug_workfn()<br /> rebuild_sched_domains_locked()<br /> ndoms = generate_sched_domains(&amp;doms, &amp;attr);<br /> cpumask_and(doms[0], top_cpuset.effective_cpus, housekeeping_cpumask(HK_FLAG_DOMAIN));<br /> <br /> Thus results in an empty CPU mask which triggers the warning and then the<br /> subsequent crash:<br /> <br /> WARNING: CPU: 4 PID: 80 at kernel/sched/topology.c:2366 build_sched_domains+0x120c/0x1408<br /> Call trace:<br /> build_sched_domains+0x120c/0x1408<br /> partition_sched_domains_locked+0x234/0x880<br /> rebuild_sched_domains_locked+0x37c/0x798<br /> rebuild_sched_domains+0x30/0x58<br /> cpuset_hotplug_workfn+0x2a8/0x930<br /> <br /> Unable to handle kernel paging request at virtual address fffe80027ab37080<br /> partition_sched_domains_locked+0x318/0x880<br /> rebuild_sched_domains_locked+0x37c/0x798<br /> <br /> Aside of the resulting crash, it does not make any sense to offline the last<br /> last housekeeping CPU.<br /> <br /> Prevent this by masking out the non-housekeeping CPUs when selecting a<br /> target CPU for initiating the CPU unplug operation via the work queue.