We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Zendesk (Helpdesk and Chat)
Bugpilot (Bug tracking)

Ok

THREATINT CVE Home CVE Diag Help
PUBLISHED

CVE-2023-52638

can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock

Reserved:2024-03-06
Published:2024-04-03
Updated:2024-04-03

Description

In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock The following 3 locks would race against each other, causing the deadlock situation in the Syzbot bug report: - j1939_socks_lock - active_session_list_lock - sk_session_queue_lock A reasonable fix is to change j1939_socks_lock to an rwlock, since in the rare situations where a write lock is required for the linked list that j1939_socks_lock is protecting, the code does not attempt to acquire any more locks. This would break the circular lock dependency, where, for example, the current thread already locks j1939_socks_lock and attempts to acquire sk_session_queue_lock, and at the same time, another thread attempts to acquire j1939_socks_lock while holding sk_session_queue_lock. NOTE: This patch along does not fix the unregister_netdevice bug reported by Syzbot; instead, it solves a deadlock situation to prepare for one or more further patches to actually fix the Syzbot bug, which appears to be a reference counting problem within the j1939 codebase. [mkl: remove unrelated newline change]

Product status

Default status
unaffected

1da177e4c3f4 before 03358aba9916
affected

1da177e4c3f4 before aedda066d717
affected

1da177e4c3f4 before 26dfe112ec2e
affected

1da177e4c3f4 before 559b6322f948
affected

1da177e4c3f4 before 6cdedc18ba7b
affected

Default status
affected

5.15.149
unaffected

6.1.79
unaffected

6.6.18
unaffected

6.7.6
unaffected

6.8
unaffected

References

https://git.kernel.org/stable/c/03358aba991668d3bb2c65b3c82aa32c36851170

https://git.kernel.org/stable/c/aedda066d717a0b4335d7e0a00b2e3a61e40afcf

https://git.kernel.org/stable/c/26dfe112ec2e95fe0099681f6aec33da13c2dd8e

https://git.kernel.org/stable/c/559b6322f9480bff68cfa98d108991e945a4f284

https://git.kernel.org/stable/c/6cdedc18ba7b9dacc36466e27e3267d201948c8d

cve.org CVE-2023-52638

nvd.nist.gov CVE-2023-52638

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2023-52638