CVE-2023-52615

hwrng: core - Fix page fault dead lock on mmap-ed hwrng

Severity Score

4.4

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track

*SSVC

Descriptions

In the Linux kernel, the following vulnerability has been resolved:

hwrng: core - Fix page fault dead lock on mmap-ed hwrng

There is a dead-lock in the hwrng device read path. This triggers
when the user reads from /dev/hwrng into memory also mmap-ed from
/dev/hwrng. The resulting page fault triggers a recursive read
which then dead-locks.

Fix this by using a stack buffer when calling copy_to_user.

En el kernel de Linux, se resolvió la siguiente vulnerabilidad: hwrng: core: soluciona el bloqueo de falla de página en mmap-ed hwrng Hay un bloqueo en la ruta de lectura del dispositivo hwrng. Esto se activa cuando el usuario lee desde /dev/hwrng en la memoria y también realiza mmap-ed desde /dev/hwrng. El error de página resultante desencadena una lectura recursiva que luego se bloquea. Solucione este problema utilizando un búfer de pila al llamar a copy_to_user.

A vulnerability was found in the hwrng component of the Linux kernel, which caused a deadlock when reading from /dev/hwrng into memory and mmap-ed from /dev/hwrng. This issue is triggered by a recursive read during a page fault and allows a local, authenticated attacker to cause a denial of service.

*Credits: N/A

CVSS Scores

Red Hatv3.1 4.4

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

None

Availability

High

* Common Vulnerability Scoring System

SSVC

Decision:Track

Exploitation

None

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2024-03-06 CVE Reserved
2024-03-18 CVE Published
2024-03-19 EPSS Updated
2024-09-11 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-400: Uncontrolled Resource Consumption

CAPEC

References (13)

URL	Tag	Source
https://git.kernel.org/stable/c/9996508b3353063f2d6c48c1a28a84543d72d70b	Vuln. Introduced
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

URL	Date	SRC

URL	Date	SRC
https://git.kernel.org/stable/c/eafd83b92f6c044007a3591cbd476bcf90455990	2024-02-23
https://git.kernel.org/stable/c/5030d4c798863ccb266563201b341a099e8cdd48	2024-02-23
https://git.kernel.org/stable/c/c6a8111aacbfe7a8a70f46cc0de8eed00561693c	2024-02-23
https://git.kernel.org/stable/c/26cc6d7006f922df6cc4389248032d955750b2a0	2024-02-23
https://git.kernel.org/stable/c/aa8aa16ed9adf1df05bb339d588cf485a011839e	2024-02-01
https://git.kernel.org/stable/c/ecabe8cd456d3bf81e92c53b074732f3140f170d	2024-02-01
https://git.kernel.org/stable/c/6822a14271786150e178869f1495cc03e74c5029	2024-02-01
https://git.kernel.org/stable/c/78aafb3884f6bc6636efcc1760c891c8500b9922	2023-12-08

URL	Date	SRC
https://access.redhat.com/security/cve/CVE-2023-52615	2024-07-08
https://bugzilla.redhat.com/show_bug.cgi?id=2270093	2024-07-08

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.33 < 4.19.307 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.33 < 4.19.307"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.33 < 5.4.269 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.33 < 5.4.269"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.33 < 5.10.210 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.33 < 5.10.210"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.33 < 5.15.149 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.33 < 5.15.149"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.33 < 6.1.76 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.33 < 6.1.76"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.33 < 6.6.15 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.33 < 6.6.15"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.33 < 6.7.3 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.33 < 6.7.3"		en		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.33 < 6.8 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.33 < 6.8"		en		Affected