CVE-2023-54237
Gravedad:
Pendiente de análisis
Tipo:
No Disponible / Otro tipo
Fecha de publicación:
30/12/2025
Última modificación:
31/12/2025
Descripción
*** Pendiente de traducción *** In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
net/smc: fix potential panic dues to unprotected smc_llc_srv_add_link()<br />
<br />
There is a certain chance to trigger the following panic:<br />
<br />
PID: 5900 TASK: ffff88c1c8af4100 CPU: 1 COMMAND: "kworker/1:48"<br />
#0 [ffff9456c1cc79a0] machine_kexec at ffffffff870665b7<br />
#1 [ffff9456c1cc79f0] __crash_kexec at ffffffff871b4c7a<br />
#2 [ffff9456c1cc7ab0] crash_kexec at ffffffff871b5b60<br />
#3 [ffff9456c1cc7ac0] oops_end at ffffffff87026ce7<br />
#4 [ffff9456c1cc7ae0] page_fault_oops at ffffffff87075715<br />
#5 [ffff9456c1cc7b58] exc_page_fault at ffffffff87ad0654<br />
#6 [ffff9456c1cc7b80] asm_exc_page_fault at ffffffff87c00b62<br />
[exception RIP: ib_alloc_mr+19]<br />
RIP: ffffffffc0c9cce3 RSP: ffff9456c1cc7c38 RFLAGS: 00010202<br />
RAX: 0000000000000000 RBX: 0000000000000002 RCX: 0000000000000004<br />
RDX: 0000000000000010 RSI: 0000000000000000 RDI: 0000000000000000<br />
RBP: ffff88c1ea281d00 R8: 000000020a34ffff R9: ffff88c1350bbb20<br />
R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000000<br />
R13: 0000000000000010 R14: ffff88c1ab040a50 R15: ffff88c1ea281d00<br />
ORIG_RAX: ffffffffffffffff CS: 0010 SS: 0018<br />
#7 [ffff9456c1cc7c60] smc_ib_get_memory_region at ffffffffc0aff6df [smc]<br />
#8 [ffff9456c1cc7c88] smcr_buf_map_link at ffffffffc0b0278c [smc]<br />
#9 [ffff9456c1cc7ce0] __smc_buf_create at ffffffffc0b03586 [smc]<br />
<br />
The reason here is that when the server tries to create a second link,<br />
smc_llc_srv_add_link() has no protection and may add a new link to<br />
link group. This breaks the security environment protected by<br />
llc_conf_mutex.