{ "threat_severity" : "Moderate", "public_date" : "2024-05-17T00:00:00Z", "bugzilla" : { "description" : "kernel: pipe: wakeup wr_wait after setting max_usage", "id" : "2281340", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2281340" }, "cvss3" : { "cvss3_base_score" : "5.5", "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status" : "verified" }, "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\npipe: wakeup wr_wait after setting max_usage\nCommit c73be61cede5 (\"pipe: Add general notification queue support\") a\nregression was introduced that would lock up resized pipes under certain\nconditions. See the reproducer in [1].\nThe commit resizing the pipe ring size was moved to a different\nfunction, doing that moved the wakeup for pipe->wr_wait before actually\nraising pipe->max_usage. If a pipe was full before the resize occured it\nwould result in the wakeup never actually triggering pipe_write.\nSet @max_usage and @nr_accounted before waking writers if this isn't a\nwatch queue.\n[Christian Brauner : rewrite to account for watch queues]", "CVE-2023-52672 is a vulnerability in the Linux kernel's pipe subsystem caused by a regression in how pipes are resized. When a pipe is full and resized, incorrect handling of wakeups for writers can lead to deadlocks or system lockups. This issue has been resolved by ensuring that the pipe's usage limits are updated before wakeup calls are triggered, avoiding race conditions. Updating to a patched kernel version will mitigate this vulnerability and ensure system stability." ], "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2025-05-13T00:00:00Z", "advisory" : "RHSA-2025:6966", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "kernel-0:5.14.0-570.12.1.el9_6" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2025-05-13T00:00:00Z", "advisory" : "RHSA-2025:6966", "cpe" : "cpe:/o:redhat:enterprise_linux:9", "package" : "kernel-0:5.14.0-570.12.1.el9_6" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Out of support scope", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Out of support scope", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Out of support scope", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Will not fix", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:9" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2023-52672\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-52672\nhttps://lore.kernel.org/linux-cve-announce/2024051729-CVE-2023-52672-f30c@gregkh/T" ], "name" : "CVE-2023-52672", "csaw" : false }