CVE-2023-53727
Gravedad:
Pendiente de análisis
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
22/10/2025
Última modificación:
15/04/2026
Descripción
*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
net/sched: fq_pie: avoid stalls in fq_pie_timer()<br />
<br />
When setting a high number of flows (limit being 65536),<br />
fq_pie_timer() is currently using too much time as syzbot reported.<br />
<br />
Add logic to yield the cpu every 2048 flows (less than 150 usec<br />
on debug kernels).<br />
It should also help by not blocking qdisc fast paths for too long.<br />
Worst case (65536 flows) would need 31 jiffies for a complete scan.<br />
<br />
Relevant extract from syzbot report:<br />
<br />
rcu: INFO: rcu_preempt detected expedited stalls on CPUs/tasks: { 0-.... } 2663 jiffies s: 873 root: 0x1/.<br />
rcu: blocking rcu_node structures (internal RCU debug):<br />
Sending NMI from CPU 1 to CPUs 0:<br />
NMI backtrace for cpu 0<br />
CPU: 0 PID: 5177 Comm: syz-executor273 Not tainted 6.5.0-syzkaller-00453-g727dbda16b83 #0<br />
Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023<br />
RIP: 0010:check_kcov_mode kernel/kcov.c:173 [inline]<br />
RIP: 0010:write_comp_data+0x21/0x90 kernel/kcov.c:236<br />
Code: 2e 0f 1f 84 00 00 00 00 00 65 8b 05 01 b2 7d 7e 49 89 f1 89 c6 49 89 d2 81 e6 00 01 00 00 49 89 f8 65 48 8b 14 25 80 b9 03 00 00 01 ff 00 74 0e 85 f6 74 59 8b 82 04 16 00 00 85 c0 74 4f 8b<br />
RSP: 0018:ffffc90000007bb8 EFLAGS: 00000206<br />
RAX: 0000000000000101 RBX: ffffc9000dc0d140 RCX: ffffffff885893b0<br />
RDX: ffff88807c075940 RSI: 0000000000000100 RDI: 0000000000000001<br />
RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000<br />
R10: 0000000000000000 R11: 0000000000000000 R12: ffffc9000dc0d178<br />
R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000<br />
FS: 0000555555d54380(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000<br />
CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033<br />
CR2: 00007f6b442f6130 CR3: 000000006fe1c000 CR4: 00000000003506f0<br />
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000<br />
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400<br />
Call Trace:<br />
<br />
<br />
<br />
pie_calculate_probability+0x480/0x850 net/sched/sch_pie.c:415<br />
fq_pie_timer+0x1da/0x4f0 net/sched/sch_fq_pie.c:387<br />
call_timer_fn+0x1a0/0x580 kernel/time/timer.c:1700
Impacto
Referencias a soluciones, herramientas e información
- https://git.kernel.org/stable/c/8c21ab1bae945686c602c5bfa4e3f3352c2452c5
- https://git.kernel.org/stable/c/94d527c3759d76c29220758362f622954612bea7
- https://git.kernel.org/stable/c/973a4c302d7f3804098ff9824d9f56926901f293
- https://git.kernel.org/stable/c/e093000e7d13569c9cb07d7500acd5142c3c43cb
- https://git.kernel.org/stable/c/f39b49077abec4c9c3a4c2966532004851c51006