CVE-2023-52501

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The vulnerability is related to the ring-buffer component in the Linux kernel. It occurs when the writer can corrupt the reader while iterating over the ring buffer, specifically when the last event is at the end of the page and has only 4 bytes left. The issue arises from the checks to detect corruption by the writer to reads, which need to see the length of the event. If the length in the first 4 bytes is zero, the length is stored in the second 4 bytes. However, if the writer is updating the code, there's a small window where the length in the first 4 bytes could be zero, even though the length is only 4 bytes. This can cause rb event length() to read the next 4 bytes, which could be off the allocated page. To protect against this, the system fails immediately if the next event pointer is less than 8 bytes from the end of the commit.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.