CVE-2023-53070

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.3.0-rc1

Description A vulnerability in the Linux kernel has been resolved, related to the ACPI PPTT (Processor Properties Topology Table). The issue occurred when the PPTT was absent from the system, causing the acpi get pptt() function to be called from secondary CPUs in the atomic context, resulting in a potential sleep while waiting for a mutex. This led to a BUG message being printed, indicating a sleeping function was called from an invalid context. The estimated number of potentially affected devices is not provided.

Recommendations For Linux kernel versions prior to 6.3.0-rc1, update the kernel to a version that includes the fix for the PPTT issue, specifically the commit 0c80f9e165f8, to avoid the potential sleep in the atomic context when PPTT is absent. As a temporary workaround, consider modifying the acpi get pptt() function to return NULL when the PPTT is not available, avoiding any attempts to fetch PPTT and thereby avoiding any possible sleep waiting for a mutex in the atomic context.