CVE-2023-52506 Common Vulnerabilities and Exposures

Upstream information

CVE-2023-52506 at MITRE

Description

In the Linux kernel, the following vulnerability has been resolved:

LoongArch: Set all reserved memblocks on Node#0 at initialization

After commit 61167ad5fecdea ("mm: pass nid to reserve_bootmem_region()")
we get a panic if DEFERRED_STRUCT_PAGE_INIT is enabled:

[ 0.000000] CPU 0 Unable to handle kernel paging request at virtual address 0000000000002b82, era == 90000000040e3f28, ra == 90000000040e3f18
[ 0.000000] Oops[#1]:
[ 0.000000] CPU: 0 PID: 0 Comm: swapper Not tainted 6.5.0+ #733
[ 0.000000] pc 90000000040e3f28 ra 90000000040e3f18 tp 90000000046f4000 sp 90000000046f7c90
[ 0.000000] a0 0000000000000001 a1 0000000000200000 a2 0000000000000040 a3 90000000046f7ca0
[ 0.000000] a4 90000000046f7ca4 a5 0000000000000000 a6 90000000046f7c38 a7 0000000000000000
[ 0.000000] t0 0000000000000002 t1 9000000004b00ac8 t2 90000000040e3f18 t3 90000000040f0800
[ 0.000000] t4 00000000000f0000 t5 80000000ffffe07e t6 0000000000000003 t7 900000047fff5e20
[ 0.000000] t8 aaaaaaaaaaaaaaab u0 0000000000000018 s9 0000000000000000 s0 fffffefffe000000
[ 0.000000] s1 0000000000000000 s2 0000000000000080 s3 0000000000000040 s4 0000000000000000
[ 0.000000] s5 0000000000000000 s6 fffffefffe000000 s7 900000000470b740 s8 9000000004ad4000
[ 0.000000] ra: 90000000040e3f18 reserve_bootmem_region+0xec/0x21c
[ 0.000000] ERA: 90000000040e3f28 reserve_bootmem_region+0xfc/0x21c
[ 0.000000] CRMD: 000000b0 (PLV0 -IE -DA +PG DACF=CC DACM=CC -WE)
[ 0.000000] PRMD: 00000000 (PPLV0 -PIE -PWE)
[ 0.000000] EUEN: 00000000 (-FPE -SXE -ASXE -BTE)
[ 0.000000] ECFG: 00070800 (LIE=11 VS=7)
[ 0.000000] ESTAT: 00010800 [PIL] (IS=11 ECode=1 EsubCode=0)
[ 0.000000] BADV: 0000000000002b82
[ 0.000000] PRID: 0014d000 (Loongson-64bit, Loongson-3A6000)
[ 0.000000] Modules linked in:
[ 0.000000] Process swapper (pid: 0, threadinfo=(____ptrval____), task=(____ptrval____))
[ 0.000000] Stack : 0000000000000000 9000000002eb5430 0000003a00000020 90000000045ccd00
[ 0.000000] 900000000470e000 90000000002c1918 0000000000000000 9000000004110780
[ 0.000000] 00000000fe6c0000 0000000480000000 9000000004b4e368 9000000004110748
[ 0.000000] 0000000000000000 900000000421ca84 9000000004620000 9000000004564970
[ 0.000000] 90000000046f7d78 9000000002cc9f70 90000000002c1918 900000000470e000
[ 0.000000] 9000000004564970 90000000040bc0e0 90000000046f7d78 0000000000000000
[ 0.000000] 0000000000004000 90000000045ccd00 0000000000000000 90000000002c1918
[ 0.000000] 90000000002c1900 900000000470b700 9000000004b4df78 9000000004620000
[ 0.000000] 90000000046200a8 90000000046200a8 0000000000000000 9000000004218b2c
[ 0.000000] 9000000004270008 0000000000000001 0000000000000000 90000000045ccd00
[ 0.000000] ...
[ 0.000000] Call Trace:
[ 0.000000] [<90000000040e3f28>] reserve_bootmem_region+0xfc/0x21c
[ 0.000000] [<900000000421ca84>] memblock_free_all+0x114/0x350
[ 0.000000] [<9000000004218b2c>] mm_core_init+0x138/0x3cc
[ 0.000000] [<9000000004200e38>] start_kernel+0x488/0x7a4
[ 0.000000] [<90000000040df0d8>] kernel_entry+0xd8/0xdc
[ 0.000000]
[ 0.000000] Code: 02eb21ad 00410f4c 380c31ac <262b818d> 6800b70d 02c1c196 0015001c 57fe4bb1 260002cd

The reason is early memblock_reserve() in memblock_init() set node id to
MAX_NUMNODES, making NODE_DATA(nid) a NULL dereference in the call chain
reserve_bootmem_region() -> init_reserved_page(). After memblock_init(),
those late calls of memblock_reserve() operate on subregions of memblock
.memory regions. As a result, these reserved regions will be set to the
correct node at the first iteration of memmap_init_reserved_pages().

So set all reserved memblocks on Node#0 at initialization can avoid this
panic.

SUSE information

Overall state of this security issue: Resolved

This issue is currently rated as having moderate severity.

SUSE Bugzilla entry: 1220867 [RESOLVED / UPSTREAM]

No SUSE Security Announcements cross referenced.

Status of this issue by product and package

Please note that this evaluation state might be work in progress, incomplete or outdated. Also information for service packs in the LTSS phase is only included for issues meeting the LTSS criteria. If in doubt, feel free to contact us for clarification. The updates are grouped by state of their lifecycle. SUSE product lifecycles are documented on the lifecycle page.

Product(s)	Source package	State
Products under general support and receiving all security fixes.
SUSE Linux Enterprise Desktop 15 SP5	kernel-default	Not affected
SUSE Linux Enterprise Desktop 15 SP5	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP5	kernel-default	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP5	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP5	kernel-source-azure	Not affected
SUSE Linux Enterprise Micro 5.1	kernel-default	Not affected
SUSE Linux Enterprise Micro 5.1	kernel-rt	Not affected
SUSE Linux Enterprise Micro 5.1	kernel-source-rt	Not affected
SUSE Linux Enterprise Micro 5.2	kernel-default	Not affected
SUSE Linux Enterprise Micro 5.2	kernel-rt	Not affected
SUSE Linux Enterprise Micro 5.2	kernel-source-rt	Not affected
SUSE Linux Enterprise Micro 5.3	kernel-default	Not affected
SUSE Linux Enterprise Micro 5.3	kernel-rt	Not affected
SUSE Linux Enterprise Micro 5.3	kernel-source-rt	Not affected
SUSE Linux Enterprise Micro 5.4	kernel-default	Not affected
SUSE Linux Enterprise Micro 5.4	kernel-rt	Not affected
SUSE Linux Enterprise Micro 5.4	kernel-source-rt	Not affected
SUSE Linux Enterprise Micro 5.5	kernel-source-rt	Not affected
SUSE Linux Enterprise Micro 6.0	kernel-source	Not affected
SUSE Linux Enterprise Micro 6.0	kernel-source-rt	Not affected
SUSE Linux Enterprise Module for Basesystem 15 SP5	kernel-default	Not affected
SUSE Linux Enterprise Module for Basesystem 15 SP5	kernel-source	Not affected
SUSE Linux Enterprise Module for Development Tools 15 SP5	kernel-default	Not affected
SUSE Linux Enterprise Module for Development Tools 15 SP5	kernel-source	Not affected
SUSE Linux Enterprise Module for Public Cloud 15 SP5	kernel-source-azure	Not affected
SUSE Linux Enterprise Real Time 15 SP5	kernel-source-rt	Not affected
SUSE Linux Enterprise Server 15 SP5	kernel-default	Not affected
SUSE Linux Enterprise Server 15 SP5	kernel-source	Not affected
SUSE Linux Enterprise Server 15 SP5	kernel-source-azure	Not affected
SUSE Linux Enterprise Server for SAP Applications 15 SP5	kernel-default	Not affected
SUSE Linux Enterprise Server for SAP Applications 15 SP5	kernel-source	Not affected
SUSE Linux Enterprise Server for SAP Applications 15 SP5	kernel-source-azure	Not affected
SUSE Manager Proxy 4.3	kernel-default	Not affected
SUSE Manager Proxy 4.3	kernel-source	Not affected
SUSE Manager Proxy 4.3	kernel-source-azure	Not affected
SUSE Manager Retail Branch Server 4.3	kernel-default	Not affected
SUSE Manager Retail Branch Server 4.3	kernel-source	Not affected
SUSE Manager Retail Branch Server 4.3	kernel-source-azure	Not affected
SUSE Manager Server 4.3	kernel-default	Not affected
SUSE Manager Server 4.3	kernel-source	Not affected
SUSE Manager Server 4.3	kernel-source-azure	Not affected
SUSE Real Time Module 15 SP5	kernel-source-rt	Not affected
openSUSE Leap 15.5	kernel-source	Not affected
openSUSE Leap 15.5	kernel-source-azure	Not affected
openSUSE Leap 15.5	kernel-source-rt	Not affected
Products under Long Term Service Pack support and receiving important and critical security fixes.
SUSE Linux Enterprise Desktop 15 SP4	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 12 SP5	kernel-default	Not affected
SUSE Linux Enterprise High Performance Computing 12 SP5	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 12 SP5	kernel-source-azure	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP2	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP2	kernel-source-azure	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS	kernel-default	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP3	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP3	kernel-source-azure	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS	kernel-default	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP4	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP4	kernel-source-azure	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS	kernel-default	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS	kernel-default	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS	kernel-source	Not affected
SUSE Linux Enterprise Module for Basesystem 15 SP2	kernel-source	Not affected
SUSE Linux Enterprise Module for Basesystem 15 SP3	kernel-source	Not affected
SUSE Linux Enterprise Module for Basesystem 15 SP4	kernel-source	Not affected
SUSE Linux Enterprise Module for Development Tools 15 SP2	kernel-source	Not affected
SUSE Linux Enterprise Module for Development Tools 15 SP3	kernel-source	Not affected
SUSE Linux Enterprise Module for Development Tools 15 SP4	kernel-source	Not affected
SUSE Linux Enterprise Module for Public Cloud 15 SP4	kernel-source-azure	Not affected
SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE	kernel-default	Not affected
SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP5	kernel-default	Not affected
SUSE Linux Enterprise Server 12 SP5	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP5	kernel-source-azure	Not affected
SUSE Linux Enterprise Server 12 SP5-LTSS	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP5-LTSS	kernel-source-azure	Not affected
SUSE Linux Enterprise Server 15 SP2	kernel-source	Not affected
SUSE Linux Enterprise Server 15 SP2	kernel-source-azure	Not affected
SUSE Linux Enterprise Server 15 SP2-LTSS	kernel-default	Not affected
SUSE Linux Enterprise Server 15 SP2-LTSS	kernel-source	Not affected
SUSE Linux Enterprise Server 15 SP3	kernel-source	Not affected
SUSE Linux Enterprise Server 15 SP3	kernel-source-azure	Not affected
SUSE Linux Enterprise Server 15 SP3-LTSS	kernel-default	Not affected
SUSE Linux Enterprise Server 15 SP3-LTSS	kernel-source	Not affected
SUSE Linux Enterprise Server 15 SP4	kernel-source	Not affected
SUSE Linux Enterprise Server 15 SP4	kernel-source-azure	Not affected
SUSE Linux Enterprise Server 15 SP4-LTSS	kernel-default	Not affected
SUSE Linux Enterprise Server 15 SP4-LTSS	kernel-source	Not affected
SUSE Linux Enterprise Server for SAP Applications 12 SP5	kernel-default	Not affected
SUSE Linux Enterprise Server for SAP Applications 12 SP5	kernel-source	Not affected
SUSE Linux Enterprise Server for SAP Applications 12 SP5	kernel-source-azure	Not affected
SUSE Linux Enterprise Server for SAP Applications 15 SP2	kernel-default	Not affected
SUSE Linux Enterprise Server for SAP Applications 15 SP2	kernel-source	Not affected
SUSE Linux Enterprise Server for SAP Applications 15 SP2	kernel-source-azure	Not affected
SUSE Linux Enterprise Server for SAP Applications 15 SP3	kernel-default	Not affected
SUSE Linux Enterprise Server for SAP Applications 15 SP3	kernel-source	Not affected
SUSE Linux Enterprise Server for SAP Applications 15 SP3	kernel-source-azure	Not affected
SUSE Linux Enterprise Server for SAP Applications 15 SP4	kernel-default	Not affected
SUSE Linux Enterprise Server for SAP Applications 15 SP4	kernel-source	Not affected
SUSE Linux Enterprise Server for SAP Applications 15 SP4	kernel-source-azure	Not affected
Products past their end of life and not receiving proactive updates anymore.
HPE Helion OpenStack 8	kernel-source	Not affected
SUSE CaaS Platform 4.0	kernel-source	Not affected
SUSE CaaS Platform Toolchain 3	kernel-source	Not affected
SUSE Enterprise Storage 6	kernel-source	Not affected
SUSE Enterprise Storage 7	kernel-source	Not affected
SUSE Enterprise Storage 7	kernel-source-azure	Not affected
SUSE Enterprise Storage 7.1	kernel-default	Not affected
SUSE Enterprise Storage 7.1	kernel-source	Not affected
SUSE Enterprise Storage 7.1	kernel-source-azure	Not affected
SUSE Linux Enterprise Desktop 11 SP4	kernel-source	Not affected
SUSE Linux Enterprise Desktop 12 SP2	kernel-source	Not affected
SUSE Linux Enterprise Desktop 12 SP3	kernel-source	Not affected
SUSE Linux Enterprise Desktop 12 SP4	kernel-source	Not affected
SUSE Linux Enterprise Desktop 15	kernel-source	Not affected
SUSE Linux Enterprise Desktop 15 SP1	kernel-source	Not affected
SUSE Linux Enterprise Desktop 15 SP2	kernel-source	Not affected
SUSE Linux Enterprise Desktop 15 SP3	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP1	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15-ESPOS	kernel-source	Not affected
SUSE Linux Enterprise High Performance Computing 15-LTSS	kernel-source	Not affected
SUSE Linux Enterprise Micro 5.0	kernel-default	Not affected
SUSE Linux Enterprise Module for Basesystem 15	kernel-source	Not affected
SUSE Linux Enterprise Module for Basesystem 15 SP1	kernel-source	Not affected
SUSE Linux Enterprise Module for Development Tools 15	kernel-source	Not affected
SUSE Linux Enterprise Module for Development Tools 15 SP1	kernel-source	Not affected
SUSE Linux Enterprise Module for Public Cloud 15 SP2	kernel-source-azure	Not affected
SUSE Linux Enterprise Module for Public Cloud 15 SP3	kernel-source-azure	Not affected
SUSE Linux Enterprise Point of Sale 12 SP2-CLIENT	kernel-source	Not affected
SUSE Linux Enterprise Real Time 12 SP5	kernel-source-rt	Not affected
SUSE Linux Enterprise Real Time 15 SP2	kernel-source	Not affected
SUSE Linux Enterprise Real Time 15 SP3	kernel-source	Not affected
SUSE Linux Enterprise Real Time 15 SP3	kernel-source-rt	Not affected
SUSE Linux Enterprise Real Time 15 SP4	kernel-source	Not affected
SUSE Linux Enterprise Real Time 15 SP4	kernel-source-rt	Not affected
SUSE Linux Enterprise Server 11 SP4	kernel-source	Not affected
SUSE Linux Enterprise Server 11 SP4 LTSS	kernel-default	Not affected
SUSE Linux Enterprise Server 11 SP4 LTSS	kernel-source	Not affected
SUSE Linux Enterprise Server 11 SP4-LTSS	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP2	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP2-BCL	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP2-ESPOS	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP2-LTSS	kernel-default	Not affected
SUSE Linux Enterprise Server 12 SP2-LTSS	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP3	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP3-BCL	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP3-ESPOS	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP3-LTSS	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP4	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP4-ESPOS	kernel-source	Not affected
SUSE Linux Enterprise Server 12 SP4-LTSS	kernel-default	Not affected
SUSE Linux Enterprise Server 12 SP4-LTSS	kernel-source	Not affected
SUSE Linux Enterprise Server 15	kernel-source	Not affected
SUSE Linux Enterprise Server 15 SP1	kernel-source	Not affected
SUSE Linux Enterprise Server 15 SP1-BCL	kernel-source	Not affected
SUSE Linux Enterprise Server 15 SP1-LTSS	kernel-default	Not affected
SUSE Linux Enterprise Server 15 SP1-LTSS	kernel-source	Not affected
SUSE Linux Enterprise Server 15 SP2-BCL	kernel-source	Not affected
SUSE Linux Enterprise Server 15 SP3-BCL	kernel-source	Not affected
SUSE Linux Enterprise Server 15-LTSS	kernel-default	Not affected
SUSE Linux Enterprise Server 15-LTSS	kernel-source	Not affected
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2	kernel-source	Not affected
SUSE Linux Enterprise Server for SAP Applications 12 SP2	kernel-default	Not affected
SUSE Linux Enterprise Server for SAP Applications 12 SP2	kernel-source	Not affected
SUSE Linux Enterprise Server for SAP Applications 12 SP3	kernel-source	Not affected
SUSE Linux Enterprise Server for SAP Applications 12 SP4	kernel-default	Not affected
SUSE Linux Enterprise Server for SAP Applications 12 SP4	kernel-source	Not affected
SUSE Linux Enterprise Server for SAP Applications 15	kernel-source	Not affected
SUSE Linux Enterprise Server for SAP Applications 15 SP1	kernel-source	Not affected
SUSE Manager Proxy 4.0	kernel-source	Not affected
SUSE Manager Proxy 4.1	kernel-source	Not affected
SUSE Manager Proxy 4.1	kernel-source-azure	Not affected
SUSE Manager Proxy 4.2	kernel-source	Not affected
SUSE Manager Proxy 4.2	kernel-source-azure	Not affected
SUSE Manager Retail Branch Server 4.0	kernel-source	Not affected
SUSE Manager Retail Branch Server 4.1	kernel-source	Not affected
SUSE Manager Retail Branch Server 4.1	kernel-source-azure	Not affected
SUSE Manager Retail Branch Server 4.2	kernel-source	Not affected
SUSE Manager Retail Branch Server 4.2	kernel-source-azure	Not affected
SUSE Manager Server 4.0	kernel-source	Not affected
SUSE Manager Server 4.1	kernel-source	Not affected
SUSE Manager Server 4.1	kernel-source-azure	Not affected
SUSE Manager Server 4.2	kernel-source	Not affected
SUSE Manager Server 4.2	kernel-source-azure	Not affected
SUSE OpenStack Cloud 7	kernel-source	Not affected
SUSE OpenStack Cloud 8	kernel-source	Not affected
SUSE OpenStack Cloud 9	kernel-default	Not affected
SUSE OpenStack Cloud 9	kernel-source	Not affected
SUSE OpenStack Cloud Crowbar 8	kernel-source	Not affected
SUSE OpenStack Cloud Crowbar 9	kernel-default	Not affected
SUSE OpenStack Cloud Crowbar 9	kernel-source	Not affected
SUSE Real Time Module 15 SP3	kernel-source-rt	Not affected
SUSE Real Time Module 15 SP4	kernel-source-rt	Not affected
openSUSE Leap 15.3	kernel-source	Not affected
openSUSE Leap 15.3	kernel-source-azure	Not affected
openSUSE Leap 15.3	kernel-source-rt	Not affected
openSUSE Leap 15.4	kernel-source	Not affected
openSUSE Leap 15.4	kernel-source-azure	Not affected
openSUSE Leap 15.4	kernel-source-rt	Not affected
Products at an unknown state of their lifecycle.
SUSE Linux Enterprise Server LTSS Extended Security 12-SP5	kernel-source	Not affected
SUSE Linux Enterprise Server LTSS Extended Security 12-SP5	kernel-source-azure	Not affected

SUSE Timeline for this CVE

CVE page created: Sun Mar 3 01:00:11 2024
CVE page last modified: Tue Nov 12 19:42:25 2024