Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: md/raid5-cache: fix a deadlock in r5l_exit_log() Commit b13015af94cf ("md/raid5-cache: Clear conf->log after finishing work") introduce a new problem: // caller hold reconfig_mutex r5l_exit_log flush_work(&log->disable_writeback_work) r5c_disable_writeback_async wait_event /* * conf->log is not NULL, and mddev_trylock() * will fail, wait_event() can never pass. */ conf->log = NULL Fix this problem by setting 'config->log' to NULL before wake_up() as it used to be, so that wait_event() from r5c_disable_writeback_async() can exist. In the meantime, move forward md_unregister_thread() so that null-ptr-deref this commit fixed can still be fixed.
References
- https://git.kernel.org/stable/c/71cf23271f015a57038bdc4669952096f9fe5500
- https://git.kernel.org/stable/c/a705b11b358dee677aad80630e7608b2d5f56691
- https://git.kernel.org/stable/c/ac9e103f282a7854f3274ef5ff0742fbbe8d7d6b
- https://git.kernel.org/stable/c/c406984738215dc20ac2dc63e49d70f20797730e
FAQ
What is CVE-2023-53848?
CVE-2023-53848 is a documented vulnerability. In the Linux kernel, the following vulnerability has been resolved: md/raid5-cache: fix a deadlock in r5l_exit_log() Commit b13015af94cf ("md/raid5-cache: Clear conf->log after finishing work") intr...
How severe is CVE-2023-53848?
CVSS scoring is not yet available for CVE-2023-53848. Check NVD for updates.
Is there a patch for CVE-2023-53848?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.