CVE-2023-53121

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> tcp: tcp_make_synack() can be called from process context<br /> <br /> tcp_rtx_synack() now could be called in process context as explained in<br /> 0a375c822497 ("tcp: tcp_rtx_synack() can be called from process<br /> context").<br /> <br /> tcp_rtx_synack() might call tcp_make_synack(), which will touch per-CPU<br /> variables with preemption enabled. This causes the following BUG:<br /> <br /> BUG: using __this_cpu_add() in preemptible [00000000] code: ThriftIO1/5464<br /> caller is tcp_make_synack+0x841/0xac0<br /> Call Trace:<br /> <br /> dump_stack_lvl+0x10d/0x1a0<br /> check_preemption_disabled+0x104/0x110<br /> tcp_make_synack+0x841/0xac0<br /> tcp_v6_send_synack+0x5c/0x450<br /> tcp_rtx_synack+0xeb/0x1f0<br /> inet_rtx_syn_ack+0x34/0x60<br /> tcp_check_req+0x3af/0x9e0<br /> tcp_rcv_state_process+0x59b/0x2030<br /> tcp_v6_do_rcv+0x5f5/0x700<br /> release_sock+0x3a/0xf0<br /> tcp_sendmsg+0x33/0x40<br /> ____sys_sendmsg+0x2f2/0x490<br /> __sys_sendmsg+0x184/0x230<br /> do_syscall_64+0x3d/0x90<br /> <br /> Avoid calling __TCP_INC_STATS() with will touch per-cpu variables. Use<br /> TCP_INC_STATS() which is safe to be called from context switch.