Rapid7 Vulnerability & Exploit Database

Ubuntu: (Multiple Advisories) (CVE-2023-52604): Linux kernel (OEM) vulnerabilities

Free InsightVM Trial No Credit Card Necessary

2024 Attack Intel Report Latest research by Rapid7 Labs

Back to Search

Ubuntu: (Multiple Advisories) (CVE-2023-52604): Linux kernel (OEM) vulnerabilities

Severity

CVSS

(AV:L/AC:M/Au:N/C:P/I:P/A:P)

Published

03/06/2024

Created

03/13/2024

Added

03/12/2024

Modified

07/15/2024

Description

In the Linux kernel, the following vulnerability has been resolved: FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree Syzkaller reported the following issue: UBSAN: array-index-out-of-bounds in fs/jfs/jfs_dmap.c:2867:6 index 196694 is out of range for type 's8[1365]' (aka 'signed char[1365]') CPU: 1 PID: 109 Comm: jfsCommit Not tainted 6.6.0-rc3-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023 Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x1e7/0x2d0 lib/dump_stack.c:106 ubsan_epilogue lib/ubsan.c:217 [inline] __ubsan_handle_out_of_bounds+0x11c/0x150 lib/ubsan.c:348 dbAdjTree+0x474/0x4f0 fs/jfs/jfs_dmap.c:2867 dbJoin+0x210/0x2d0 fs/jfs/jfs_dmap.c:2834 dbFreeBits+0x4eb/0xda0 fs/jfs/jfs_dmap.c:2331 dbFreeDmap fs/jfs/jfs_dmap.c:2080 [inline] dbFree+0x343/0x650 fs/jfs/jfs_dmap.c:402 txFreeMap+0x798/0xd50 fs/jfs/jfs_txnmgr.c:2534 txUpdateMap+0x342/0x9e0 txLazyCommit fs/jfs/jfs_txnmgr.c:2664 [inline] jfs_lazycommit+0x47a/0xb70 fs/jfs/jfs_txnmgr.c:2732 kthread+0x2d3/0x370 kernel/kthread.c:388 ret_from_fork+0x48/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304 </TASK> ================================================================================ Kernel panic - not syncing: UBSAN: panic_on_warn set ... CPU: 1 PID: 109 Comm: jfsCommit Not tainted 6.6.0-rc3-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/04/2023 Call Trace: <TASK> __dump_stack lib/dump_stack.c:88 [inline] dump_stack_lvl+0x1e7/0x2d0 lib/dump_stack.c:106 panic+0x30f/0x770 kernel/panic.c:340 check_panic_on_warn+0x82/0xa0 kernel/panic.c:236 ubsan_epilogue lib/ubsan.c:223 [inline] __ubsan_handle_out_of_bounds+0x13c/0x150 lib/ubsan.c:348 dbAdjTree+0x474/0x4f0 fs/jfs/jfs_dmap.c:2867 dbJoin+0x210/0x2d0 fs/jfs/jfs_dmap.c:2834 dbFreeBits+0x4eb/0xda0 fs/jfs/jfs_dmap.c:2331 dbFreeDmap fs/jfs/jfs_dmap.c:2080 [inline] dbFree+0x343/0x650 fs/jfs/jfs_dmap.c:402 txFreeMap+0x798/0xd50 fs/jfs/jfs_txnmgr.c:2534 txUpdateMap+0x342/0x9e0 txLazyCommit fs/jfs/jfs_txnmgr.c:2664 [inline] jfs_lazycommit+0x47a/0xb70 fs/jfs/jfs_txnmgr.c:2732 kthread+0x2d3/0x370 kernel/kthread.c:388 ret_from_fork+0x48/0x80 arch/x86/kernel/process.c:147 ret_from_fork_asm+0x11/0x20 arch/x86/entry/entry_64.S:304 </TASK> Kernel Offset: disabled Rebooting in 86400 seconds.. The issue is caused when the value of lp becomes greater than CTLTREESIZE which is the max size of stree. Adding a simple check solves this issue. Dave: As the function returns a void, good error handling would require a more intrusive code reorganization, so I modified Osama's patch at use WARN_ON_ONCE for lack of a cleaner option. The patch is tested via syzbot.

Solution(s)

ubuntu-upgrade-linux-image-4-15-0-1131-oracle
ubuntu-upgrade-linux-image-4-15-0-1152-kvm
ubuntu-upgrade-linux-image-4-15-0-1162-gcp
ubuntu-upgrade-linux-image-4-15-0-1168-aws
ubuntu-upgrade-linux-image-4-15-0-1177-azure
ubuntu-upgrade-linux-image-4-15-0-225-generic
ubuntu-upgrade-linux-image-4-15-0-225-lowlatency
ubuntu-upgrade-linux-image-4-4-0-1131-aws
ubuntu-upgrade-linux-image-4-4-0-1132-kvm
ubuntu-upgrade-linux-image-4-4-0-1169-aws
ubuntu-upgrade-linux-image-4-4-0-254-generic
ubuntu-upgrade-linux-image-4-4-0-254-lowlatency
ubuntu-upgrade-linux-image-5-15-0-1044-gkeop
ubuntu-upgrade-linux-image-5-15-0-1054-ibm
ubuntu-upgrade-linux-image-5-15-0-1054-nvidia
ubuntu-upgrade-linux-image-5-15-0-1054-nvidia-lowlatency
ubuntu-upgrade-linux-image-5-15-0-1054-raspi
ubuntu-upgrade-linux-image-5-15-0-1057-intel-iotg
ubuntu-upgrade-linux-image-5-15-0-1058-gke
ubuntu-upgrade-linux-image-5-15-0-1058-intel-iotg
ubuntu-upgrade-linux-image-5-15-0-1058-kvm
ubuntu-upgrade-linux-image-5-15-0-1059-gcp
ubuntu-upgrade-linux-image-5-15-0-1059-oracle
ubuntu-upgrade-linux-image-5-15-0-106-generic
ubuntu-upgrade-linux-image-5-15-0-106-generic-64k
ubuntu-upgrade-linux-image-5-15-0-106-generic-lpae
ubuntu-upgrade-linux-image-5-15-0-106-lowlatency
ubuntu-upgrade-linux-image-5-15-0-106-lowlatency-64k
ubuntu-upgrade-linux-image-5-15-0-1061-aws
ubuntu-upgrade-linux-image-5-15-0-1063-azure
ubuntu-upgrade-linux-image-5-15-0-1063-azure-fde
ubuntu-upgrade-linux-image-5-4-0-1036-iot
ubuntu-upgrade-linux-image-5-4-0-1043-xilinx-zynqmp
ubuntu-upgrade-linux-image-5-4-0-1071-ibm
ubuntu-upgrade-linux-image-5-4-0-1084-bluefield
ubuntu-upgrade-linux-image-5-4-0-1091-gkeop
ubuntu-upgrade-linux-image-5-4-0-1108-raspi
ubuntu-upgrade-linux-image-5-4-0-1112-kvm
ubuntu-upgrade-linux-image-5-4-0-1123-oracle
ubuntu-upgrade-linux-image-5-4-0-1124-aws
ubuntu-upgrade-linux-image-5-4-0-1128-gcp
ubuntu-upgrade-linux-image-5-4-0-1129-azure
ubuntu-upgrade-linux-image-5-4-0-181-generic
ubuntu-upgrade-linux-image-5-4-0-181-generic-lpae
ubuntu-upgrade-linux-image-5-4-0-181-lowlatency
ubuntu-upgrade-linux-image-6-1-0-1035-oem
ubuntu-upgrade-linux-image-6-5-0-1014-starfive
ubuntu-upgrade-linux-image-6-5-0-1016-laptop
ubuntu-upgrade-linux-image-6-5-0-1017-raspi
ubuntu-upgrade-linux-image-6-5-0-1019-nvidia
ubuntu-upgrade-linux-image-6-5-0-1019-nvidia-64k
ubuntu-upgrade-linux-image-6-5-0-1020-aws
ubuntu-upgrade-linux-image-6-5-0-1020-gcp
ubuntu-upgrade-linux-image-6-5-0-1021-azure
ubuntu-upgrade-linux-image-6-5-0-1021-azure-fde
ubuntu-upgrade-linux-image-6-5-0-1022-oem
ubuntu-upgrade-linux-image-6-5-0-1023-oem
ubuntu-upgrade-linux-image-6-5-0-1023-oracle
ubuntu-upgrade-linux-image-6-5-0-1023-oracle-64k
ubuntu-upgrade-linux-image-6-5-0-35-generic
ubuntu-upgrade-linux-image-6-5-0-35-generic-64k
ubuntu-upgrade-linux-image-6-5-0-35-lowlatency
ubuntu-upgrade-linux-image-6-5-0-35-lowlatency-64k
ubuntu-upgrade-linux-image-aws
ubuntu-upgrade-linux-image-aws-hwe
ubuntu-upgrade-linux-image-aws-lts-18-04
ubuntu-upgrade-linux-image-aws-lts-20-04
ubuntu-upgrade-linux-image-aws-lts-22-04
ubuntu-upgrade-linux-image-azure
ubuntu-upgrade-linux-image-azure-cvm
ubuntu-upgrade-linux-image-azure-fde
ubuntu-upgrade-linux-image-azure-fde-lts-22-04
ubuntu-upgrade-linux-image-azure-lts-18-04
ubuntu-upgrade-linux-image-azure-lts-20-04
ubuntu-upgrade-linux-image-azure-lts-22-04
ubuntu-upgrade-linux-image-bluefield
ubuntu-upgrade-linux-image-gcp
ubuntu-upgrade-linux-image-gcp-lts-18-04
ubuntu-upgrade-linux-image-gcp-lts-20-04
ubuntu-upgrade-linux-image-gcp-lts-22-04
ubuntu-upgrade-linux-image-generic
ubuntu-upgrade-linux-image-generic-64k
ubuntu-upgrade-linux-image-generic-64k-hwe-20-04
ubuntu-upgrade-linux-image-generic-64k-hwe-22-04
ubuntu-upgrade-linux-image-generic-hwe-16-04
ubuntu-upgrade-linux-image-generic-hwe-18-04
ubuntu-upgrade-linux-image-generic-hwe-20-04
ubuntu-upgrade-linux-image-generic-hwe-22-04
ubuntu-upgrade-linux-image-generic-lpae
ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04
ubuntu-upgrade-linux-image-generic-lts-xenial
ubuntu-upgrade-linux-image-gke
ubuntu-upgrade-linux-image-gke-5-15
ubuntu-upgrade-linux-image-gkeop
ubuntu-upgrade-linux-image-gkeop-5-15
ubuntu-upgrade-linux-image-gkeop-5-4
ubuntu-upgrade-linux-image-ibm
ubuntu-upgrade-linux-image-ibm-lts-20-04
ubuntu-upgrade-linux-image-intel
ubuntu-upgrade-linux-image-intel-iotg
ubuntu-upgrade-linux-image-kvm
ubuntu-upgrade-linux-image-laptop-23-10
ubuntu-upgrade-linux-image-lowlatency
ubuntu-upgrade-linux-image-lowlatency-64k
ubuntu-upgrade-linux-image-lowlatency-64k-hwe-20-04
ubuntu-upgrade-linux-image-lowlatency-64k-hwe-22-04
ubuntu-upgrade-linux-image-lowlatency-hwe-16-04
ubuntu-upgrade-linux-image-lowlatency-hwe-18-04
ubuntu-upgrade-linux-image-lowlatency-hwe-20-04
ubuntu-upgrade-linux-image-lowlatency-hwe-22-04
ubuntu-upgrade-linux-image-lowlatency-lts-xenial
ubuntu-upgrade-linux-image-nvidia
ubuntu-upgrade-linux-image-nvidia-6-5
ubuntu-upgrade-linux-image-nvidia-64k-6-5
ubuntu-upgrade-linux-image-nvidia-64k-hwe-22-04
ubuntu-upgrade-linux-image-nvidia-hwe-22-04
ubuntu-upgrade-linux-image-nvidia-lowlatency
ubuntu-upgrade-linux-image-oem
ubuntu-upgrade-linux-image-oem-20-04
ubuntu-upgrade-linux-image-oem-20-04b
ubuntu-upgrade-linux-image-oem-20-04c
ubuntu-upgrade-linux-image-oem-20-04d
ubuntu-upgrade-linux-image-oem-22-04
ubuntu-upgrade-linux-image-oem-22-04a
ubuntu-upgrade-linux-image-oem-22-04b
ubuntu-upgrade-linux-image-oem-22-04c
ubuntu-upgrade-linux-image-oem-22-04d
ubuntu-upgrade-linux-image-oem-osp1
ubuntu-upgrade-linux-image-oracle
ubuntu-upgrade-linux-image-oracle-64k
ubuntu-upgrade-linux-image-oracle-lts-18-04
ubuntu-upgrade-linux-image-oracle-lts-20-04
ubuntu-upgrade-linux-image-oracle-lts-22-04
ubuntu-upgrade-linux-image-raspi
ubuntu-upgrade-linux-image-raspi-hwe-18-04
ubuntu-upgrade-linux-image-raspi-nolpae
ubuntu-upgrade-linux-image-raspi2
ubuntu-upgrade-linux-image-snapdragon-hwe-18-04
ubuntu-upgrade-linux-image-starfive
ubuntu-upgrade-linux-image-virtual
ubuntu-upgrade-linux-image-virtual-hwe-16-04
ubuntu-upgrade-linux-image-virtual-hwe-18-04
ubuntu-upgrade-linux-image-virtual-hwe-20-04
ubuntu-upgrade-linux-image-virtual-hwe-22-04
ubuntu-upgrade-linux-image-virtual-lts-xenial
ubuntu-upgrade-linux-image-xilinx-zynqmp

References

https://attackerkb.com/topics/cve-2023-52604
CVE - 2023-52604
USN-6688-1
USN-6765-1
USN-6766-1
USN-6766-2
USN-6766-3
USN-6767-1
USN-6767-2
USN-6774-1
USN-6777-1
USN-6777-2
USN-6777-3
USN-6777-4
USN-6778-1
USN-6795-1
USN-6828-1

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

Ubuntu: (Multiple Advisories) (CVE-2023-52604): Linux kernel (OEM) vulnerabilities

Ubuntu: (Multiple Advisories) (CVE-2023-52604): Linux kernel (OEM) vulnerabilities

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.