PT-2023-9493 · Linux+5 · Linux Kernel+5

Daniel Vacek · Published 2023-12-12 · Updated 2024-11-04 · CVE-2023-52587

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 4.18.0-372.75.1.el8_6

Description

The vulnerability is related to the IB/ipoib component of the Linux kernel. It occurs when priv->lock is released while iterating the priv->multicast_list in ipoib_mcast_join_task(), allowing ipoib_mcast_dev_flush() to remove items during iteration. If the mcast is removed while the lock is dropped, the for loop spins forever, resulting in a hard lockup. This issue can be fixed by keeping the lock held and changing to GFP_ATOMIC to prevent eventual sleeps.

Recommendations

To resolve this issue, update the Linux kernel to a version that includes the fix for the IB/ipoib component, specifically the patch that addresses the mcast list locking issue. As a temporary workaround, consider disabling the ipoib_mcast_join_task() function until a patch is available. However, this may have unintended consequences and should be carefully evaluated before implementation.
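
The hazard in the description, reduced to a user-space C model (an added example, not kernel code and not the upstream patch). The names `node`, `flush`, `walk` and `run_case` are hypothetical, removal is modelled as moving entries onto a second list, and the 1000-step limit exists only so the demonstration terminates.

```c
#include <stdio.h>

/* Minimal circular doubly linked list in the style of the kernel's list_head. */
struct node { struct node *next, *prev; };

static void list_init(struct node *h) { h->next = h->prev = h; }
static void list_add_tail(struct node *n, struct node *h) {
    n->prev = h->prev; n->next = h; h->prev->next = n; h->prev = n;
}
static void list_del(struct node *n) { n->prev->next = n->next; n->next->prev = n->prev; }

/* Stand-in for the flush path: every entry leaves `from` and lands on `to`. */
static void flush(struct node *from, struct node *to) {
    while (from->next != from) {
        struct node *n = from->next;
        list_del(n);
        list_add_tail(n, to);
    }
}

/*
 * Walk `head` the way a list_for_each loop does. If drop_lock_at >= 0, the
 * "lock" is released while visiting that index and flush() runs in the gap.
 * Returns entries visited, or -1 if the walk has not returned to `head` after
 * `limit` steps (the kernel loop has no such limit and spins forever).
 */
static int walk(struct node *head, struct node *other, int drop_lock_at, int limit) {
    int visited = 0;
    for (struct node *pos = head->next; pos != head; pos = pos->next) {
        if (visited == limit) return -1;
        if (visited == drop_lock_at) flush(head, other); /* lock dropped here */
        visited++;
    }
    return visited;
}

/* Build a 3-entry list, walk it, and report the result. */
static int run_case(int drop_lock_at) {
    struct node multicast, remove_list, e[3];
    list_init(&multicast); list_init(&remove_list);
    for (int i = 0; i < 3; i++) list_add_tail(&e[i], &multicast);
    return walk(&multicast, &remove_list, drop_lock_at, 1000);
}

int main(void) {
    printf("lock held:    %d\n", run_case(-1)); /* walk ends at the list head */
    printf("lock dropped: %d\n", run_case(1));  /* walk never sees the head again */
    return 0;
}
```

Once the current entry has been moved, its `next` pointer leads around the other list, whose ring does not contain the original head, so the loop's termination test can never succeed.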

Exploit

Fix

Improper Locking

Weakness Enumeration

Related identifiers

BDU:2024-07848
CVE-2023-52587
DLA-3840-1
DLA-3842-1
DSA-5658-1
DSA-5681-1
OESA-2024-1482
OESA-2024-1483
OESA-2024-1484
OESA-2024-1485
OESA-2024-1486
OESA-2024-1487
OPENSUSE-SU-2024_1322-1
OPENSUSE-SU-2024_1322-2
OPENSUSE-SU-2024_1332-1
OPENSUSE-SU-2024_1332-2
OPENSUSE-SU-2024_1466-1
OPENSUSE-SU-2024_1480-1
OPENSUSE-SU-2024_1490-1
SUSE-SU-2024:1466-1
SUSE-SU-2024:1480-1
SUSE-SU-2024:1490-1
SUSE-SU-2024:1643-1
SUSE-SU-2024:1646-1
SUSE-SU-2024:1870-1
USN-6688-1
USN-6765-1
USN-6766-1
USN-6766-2
USN-6766-3
USN-6767-1
USN-6767-2
USN-6795-1
USN-6818-1
USN-6818-2
USN-6818-3
USN-6818-4
USN-6819-1
USN-6819-2
USN-6819-3
USN-6819-4
USN-6828-1

Affected products

Astra Linux
Linux Mint
Linux Kernel
RED OS
SUSE
Ubuntu