PT-2024-8268 · Linux+6 · Linux Kernel+6

Christian Brauner

+2

·

Published

2023-12-12

·

Updated

2025-09-29

·

CVE-2023-52672

CVSS v3.1

7.0

High

VectorAV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The issue is related to a regression introduced by a commit that added general notification queue support, which caused resized pipes to lock up under certain conditions. This occurred because the commit resizing the pipe ring size was moved to a different function, resulting in the wakeup for pipe->wr wait being triggered before actually raising pipe->max usage. If a pipe was full before the resize occurred, it would result in the wakeup never actually triggering pipe write. The vulnerability is associated with incorrect blocking in the pipe resize ring() and pipe set size() functions in fs/pipe.c. Exploitation of this vulnerability could allow an attacker to cause a denial of service.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Resource Exhaustion

Improper Locking

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-400CWE-667

Related Identifiers

ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
BDU:2024-09821
CVE-2023-52672
DLA-3842-1
INFSA-2025_6966
OESA-2024-1707
OESA-2024-1737
OPENSUSE-SU-2024_2372-1
OPENSUSE-SU-2024_2394-1
RHSA-2025:6966
RHSA-2025_6966
SUSE-SU-2024:2372-1
SUSE-SU-2024:2394-1
SUSE-SU-2024:2571-1
SUSE-SU-2024:2896-1
SUSE-SU-2024:2939-1
SUSE-SU-2024:2973-1
SUSE-SU-2025:20008-1
SUSE-SU-2025:20028-1
USN-6818-1
USN-6818-2
USN-6818-3
USN-6818-4
USN-6819-1
USN-6819-2
USN-6819-3
USN-6819-4

Affected Products

Astra Linux
Linuxmint
Linux Kernel
Red Hat
Red Os
Suse
Ubuntu