PT-2024-8255 · Linux+5 · Linux Kernel+5

Syzbot · Published 2024-02-02 · Updated 2025-02-03 · CVE-2023-52699

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Name of the Vulnerable Software and Affected Versions: Linux kernel versions 2.5.12 through 2.6.8
Description: The issue is related to a deadlock bug in the Linux kernel's sysv filesystem. The problem occurs when sb_bread() is called with pointers_lock held, leading to a "write_lock(&pointers_lock) => read_lock(&pointers_lock) deadlock" bug. This bug was introduced in Linux 2.5.12 and partially fixed in Linux 2.6.8, but the fix introduced another bug. The vulnerability can cause a denial of service.
Recommendations: To resolve the issue, update the Linux kernel to a version that includes the fix for the sysv filesystem deadlock bug. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Improper Locking

Weakness Enumeration

Related Identifiers

BDU:2024-09808
CVE-2023-52699
DLA-3840-1
DLA-3842-1
OESA-2024-1692
OESA-2024-1693
OESA-2024-1694
SUSE-SU-2024:2008-1
SUSE-SU-2024:2019-1
SUSE-SU-2024:2190-1
SUSE-SU-2024:2571-1
SUSE-SU-2024:2896-1
SUSE-SU-2024:2973-1
SUSE-SU-2025:20008-1
SUSE-SU-2025:20028-1
USN-6893-1
USN-6893-2
USN-6893-3
USN-6896-1
USN-6896-2
USN-6896-3
USN-6896-4
USN-6896-5
USN-6898-1
USN-6898-2
USN-6898-3
USN-6898-4
USN-6917-1
USN-6918-1
USN-6919-1
USN-6927-1
USN-7019-1

Affected Products

Astra Linux
Linux Mint
Linux Kernel
RED OS
SUSE
Ubuntu