CVE-2023-53231

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.25-android14-5-maybe-dirty-mainline

Description The Linux kernel contained an issue where the detection of atomic context was insufficient, potentially leading to problems when z erofs decompressqueue endio was called under an RCU lock from blk mq flush plug list. This could result in a sleeping function being called from an invalid context. The fix ensures proper decompression handling by checking for rcu read lock any held() and using a more appropriate !in task() check. Historically, erofs always scheduled a kworker for decompression, but an optimization was added to perform decompression directly in thread context when beneficial, such as when running with dm-verity.

Recommendations Update to Linux kernel version 6.1.25-android14-5-maybe-dirty-mainline or a later version to address this issue.