PT-2025-41099 · Linux+1 · Linux Kernel+1
Published: 2023-04-05 · Updated: 2025-10-08 · CVE-2023-53655
CVSS v2.0: 6.0 (Medium)
Vector: AV:L/AC:H/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.2.0-rc2-00320-g1f5abbd77e2c
Description
A stack overflow can occur due to the rcu_irq_enter_check_tick() function being probed. Registering a kprobe on this function can lead to a kernel stack overflow when CONFIG_NO_HZ_FULL is enabled and the kernel is booted with the argument "nohz_full=". The issue is reproducible by enabling CONFIG_NO_HZ_FULL, booting the kernel with the specified argument, and then using the following commands: cd /sys/kernel/tracing/, echo 'p:mp1 rcu_irq_enter_check_tick' >> kprobe_events, and echo 1 > events/kprobes/enable. The commit resolves this by adding rcu_irq_enter_check_tick() to the kprobes blacklist using NOKPROBE_SYMBOL().
Recommendations
Update to a version later than 6.2.0-rc2-00320-g1f5abbd77e2c.
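One way to check a host against the conditions in the description, as an added example that is not part of the advisory or the kernel project: it reads a kernel config, a saved command line and a dump of the kprobes blacklist (/sys/kernel/debug/kprobes/blacklist on a live system). The verdict names, the sample data and the tolerance for leading underscores on the listed symbol are assumptions of this example.

```shell
#!/bin/sh
# Exposure check for the kprobe stack overflow described above (added example).
SYM=rcu_irq_enter_check_tick   # function name as given in the advisory text

# 0 if the kernel config file enables CONFIG_NO_HZ_FULL.
has_nohz_full_config() { grep -q '^CONFIG_NO_HZ_FULL=y$' "$1"; }

# 0 if the saved kernel command line carries a nohz_full= argument.
has_nohz_full_arg() { tr ' ' '\n' < "$1" | grep -q '^nohz_full='; }

# 0 if SYM is in a kprobes blacklist dump ("<start>-<end><TAB><symbol>").
# Leading underscores on the listed symbol are tolerated (assumption).
is_blacklisted() {
    awk -v sym="$SYM" '$2 ~ ("^_*" sym "$") { hit = 1 } END { exit !hit }' "$1"
}

# assess CONFIG CMDLINE BLACKLIST
# prints one of: fixed | exposed | not-applicable | unknown
assess() {
    if [ ! -r "$1" ] || [ ! -r "$2" ] || [ ! -r "$3" ]; then echo unknown
    elif is_blacklisted "$3"; then echo fixed
    elif has_nohz_full_config "$1" && has_nohz_full_arg "$2"; then echo exposed
    else echo not-applicable
    fi
}

# Constructed sample inputs (not captured from a real host).
demo() {
    d=$(mktemp -d) || return 1
    printf 'CONFIG_HZ=250\nCONFIG_NO_HZ_FULL=y\n' > "$d/config"
    printf 'BOOT_IMAGE=/vmlinuz root=/dev/sda1 nohz_full=1-3\n' > "$d/cmdline"
    printf '0xffffffff81000000-0xffffffff81000040\tdo_int3\n' > "$d/bl_old"
    cp "$d/bl_old" "$d/bl_new"
    printf '0xffffffff81100000-0xffffffff81100080\t%s\n' "$SYM" >> "$d/bl_new"
    echo "blacklist without the symbol: $(assess "$d/config" "$d/cmdline" "$d/bl_old")"
    echo "blacklist with the symbol:    $(assess "$d/config" "$d/cmdline" "$d/bl_new")"
    rm -rf "$d"
}

# Live host (root, debugfs mounted):
#   sh check.sh "/boot/config-$(uname -r)" /proc/cmdline /sys/kernel/debug/kprobes/blacklist
if [ "$#" -eq 3 ]; then assess "$@"; else demo; fi
```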
Exploit
Fix
Infinite Loop
Weakness Enumeration
Related Identifiers
Affected Products
Linux Kernel
Red Hat