PT-2024-14670 · Linux+5 · Linux Kernel+5
Vincent Whitchurch · Published 2024-01-05 · Updated 2026-03-14 · CVE-2023-52633
CVSS v3.1: 5.0 Medium
Vector: AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 5.15.149
Linux kernel versions prior to 6.1.77
Linux kernel versions prior to 6.6.16
Linux kernel versions prior to 6.7.4
Description
The issue is related to time corruption in the Linux kernel's 'basic' time-travel mode. Timer interrupts can occur at arbitrary points, causing time to go backwards and resulting in a crash. The problem arises when the interrupt happens after calculating the new time but before finishing the adjustment. To fix this, the time travel time is read, the adjustment is calculated, and the adjustment is made with interrupts disabled. The timer read function is involved in this process.
Recommendations
For Linux kernel versions prior to 5.15.149, update to version 5.15.149 or later.
For Linux kernel versions prior to 6.1.77, update to version 6.1.77 or later.
For Linux kernel versions prior to 6.6.16, update to version 6.6.16 or later.
For Linux kernel versions prior to 6.7.4, update to version 6.7.4 or later.
As a temporary workaround, consider disabling the timer read function until a patch is available. Restrict access to the vulnerable time-travel mode to minimize the risk of exploitation. Avoid using the time travel time variable in the affected API endpoint until the issue is resolved.
Exploit
Fix
Memory Corruption
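The race in the Description above and its interrupts-disabled fix, modelled in user space as an added example (not kernel code and not part of the original advisory). SIGALRM stands in for the timer interrupt, and `tt_time`, `set_time`, `timer_irq` and `read_clock` are hypothetical names.

```c
#define _POSIX_C_SOURCE 200809L
#include <signal.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed user-space model; all names are hypothetical, not kernel symbols. */
static volatile uint64_t tt_time;            /* simulated time-travel time, ns */
static volatile sig_atomic_t went_backwards; /* set when time is moved back */

static void set_time(uint64_t ns)
{
    if (ns < tt_time)
        went_backwards = 1;   /* the condition the advisory says ends in a crash */
    tt_time = ns;
}

/* SIGALRM stands in for the timer interrupt: it moves time forward by 1000 ns. */
static void timer_irq(int sig)
{
    (void)sig;
    set_time(tt_time + 1000);
}

/* One clock read advancing time by 10 ns; returns 1 if time went backwards.
 * mask_irq = 0 leaves SIGALRM deliverable mid-update, 1 blocks it throughout. */
static int read_clock(int mask_irq)
{
    struct sigaction sa = { .sa_handler = timer_irq };
    sigset_t sigs;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGALRM, &sa, NULL);
    sigemptyset(&sigs);
    sigaddset(&sigs, SIGALRM);
    tt_time = 0;
    went_backwards = 0;
    sigprocmask(mask_irq ? SIG_BLOCK : SIG_UNBLOCK, &sigs, NULL);
    uint64_t new_time = tt_time + 10;      /* new time calculated */
    raise(SIGALRM);                        /* interrupt at the worst moment */
    set_time(new_time);                    /* adjustment finished */
    sigprocmask(SIG_UNBLOCK, &sigs, NULL); /* a deferred interrupt runs here */
    return went_backwards;
}

int main(void)
{
    printf("unmasked: backwards=%d\n", read_clock(0)); /* 1 */
    printf("masked:   backwards=%d\n", read_clock(1)); /* 0 */
    return 0;
}
```

With the signal blocked, the interrupt is deferred until the update is complete, so it advances time from the new value instead of being overwritten by a stale one.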
Weakness Enumeration
Related Identifiers
Affected Products
Astra Linux
Debian
Linuxmint
Linux Kernel
Red Os
Ubuntu