CVE-2023-53624

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
07/10/2025
Last modified:
08/10/2025

Description

In the Linux kernel, the following vulnerability has been resolved:

net/sched: sch_fq: fix integer overflow of "credit"

If sch_fq is configured with "initial quantum" having values greater than INT_MAX, the first assignment of "credit" does signed integer overflow to a very negative value.

In this situation, the syzkaller script provided by Cristoph triggers the CPU soft-lockup warning even with few sockets. It's not an infinite loop, but "credit" probably wasn't meant to be minus 2Gb for each new flow.

Capping "initial quantum" to INT_MAX proved to fix the issue.

v2: validation of "initial quantum" is done in fq_policy, instead of open coding in fq_change(), as suggested by Jakub Kicinski
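The mechanism described above, as an added worked example: this is not the kernel's sch_fq code and not part of the CVE record, only a constructed stand-in. The struct and function names (fq_demo_sched, fq_demo_flow, demo_first_credit_unchecked, demo_initial_quantum_is_valid, demo_refills_until_positive) and the sample values (an initial quantum of INT_MAX + 1, a refill quantum of 3000 bytes) are assumptions. It shows the unchecked unsigned-to-signed store that leaves a new flow with a hugely negative credit, the INT_MAX bound that a policy-level validation enforces, and why the result is a long but finite stall rather than an infinite loop.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for the sch_fq behaviour described in the advisory.
 * These structs and functions are NOT the kernel's code, only an illustration. */
struct fq_demo_sched {
    uint32_t initial_quantum;  /* configured from user space as an unsigned 32-bit value */
};

struct fq_demo_flow {
    int credit;                /* signed byte credit, as in the real scheduler */
};

/* Pre-fix behaviour: the unsigned initial_quantum is stored straight into the
 * signed credit. For values above INT_MAX the conversion wraps to a negative
 * number on two's-complement targets (gcc/clang), so a brand-new flow starts
 * billions of bytes in debt. */
int demo_first_credit_unchecked(uint32_t initial_quantum)
{
    struct fq_demo_flow f;
    f.credit = (int)initial_quantum;   /* out-of-range conversion: wraps negative */
    return f.credit;
}

/* Post-fix behaviour: validate the configured value before it is ever stored,
 * mirroring the idea of bounding "initial quantum" to INT_MAX at policy time.
 * Returns 1 if the value is acceptable, 0 if it must be rejected. */
int demo_initial_quantum_is_valid(uint32_t initial_quantum)
{
    return initial_quantum <= (uint32_t)INT_MAX;
}

/* Number of quantum refills a flow needs before its credit becomes positive
 * and it may send again. A negative starting credit turns this into a long,
 * but finite, stall: the scheduler keeps revisiting the flow and topping it
 * up by one quantum per round, which is the "not an infinite loop" case.
 * Uses 64-bit arithmetic so that negating INT_MIN cannot overflow. */
long long demo_refills_until_positive(int credit, int quantum)
{
    if (credit > 0)
        return 0;
    if (quantum <= 0)
        return -1;                          /* invalid quantum; nothing to compute */
    long long debt = -(long long)credit;    /* bytes needed to get back to zero */
    return debt / quantum + 1;              /* one more to get strictly above zero */
}

int main(void)
{
    uint32_t bad_quantum = 0x80000000u;     /* INT_MAX + 1, constructed input */
    int quantum = 3000;                     /* per-round refill, constructed value */

    int credit = demo_first_credit_unchecked(bad_quantum);
    printf("initial_quantum=%u -> first credit=%d\n", bad_quantum, credit);
    printf("refills needed before the flow can send: %lld\n",
           demo_refills_until_positive(credit, quantum));
    printf("policy accepts INT_MAX: %d, rejects INT_MAX+1: %d\n",
           demo_initial_quantum_is_valid(INT_MAX),
           !demo_initial_quantum_is_valid(bad_quantum));
    return 0;
}
```

Compile with `gcc -std=c99 -Wall demo.c && ./a.out`. With the constructed inputs the unchecked path yields a credit of about minus 2 GB and well over seven hundred thousand refill rounds before the flow is eligible to send, whereas the validated path rejects the configuration outright; rejecting at configuration time, rather than clamping at each assignment, is the shape of fix the advisory describes.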

Impact