fkie_cve-2023-53563
Vulnerability from fkie_nvd
Published
2025-10-04 16:15
Modified
2025-10-06 14:56
Severity ?
Summary
In the Linux kernel, the following vulnerability has been resolved: cpufreq: amd-pstate-ut: Fix kernel panic when loading the driver After loading the amd-pstate-ut driver, amd_pstate_ut_check_perf() and amd_pstate_ut_check_freq() use cpufreq_cpu_get() to get the policy of the CPU and mark it as busy. In these functions, cpufreq_cpu_put() should be used to release the policy, but it is not, so any other entity trying to access the policy is blocked indefinitely. One such scenario is when amd_pstate mode is changed, leading to the following splat: [ 1332.103727] INFO: task bash:2929 blocked for more than 120 seconds. [ 1332.110001] Not tainted 6.5.0-rc2-amd-pstate-ut #5 [ 1332.115315] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 1332.123140] task:bash state:D stack:0 pid:2929 ppid:2873 flags:0x00004006 [ 1332.123143] Call Trace: [ 1332.123145] <TASK> [ 1332.123148] __schedule+0x3c1/0x16a0 [ 1332.123154] ? _raw_read_lock_irqsave+0x2d/0x70 [ 1332.123157] schedule+0x6f/0x110 [ 1332.123160] schedule_timeout+0x14f/0x160 [ 1332.123162] ? preempt_count_add+0x86/0xd0 [ 1332.123165] __wait_for_common+0x92/0x190 [ 1332.123168] ? __pfx_schedule_timeout+0x10/0x10 [ 1332.123170] wait_for_completion+0x28/0x30 [ 1332.123173] cpufreq_policy_put_kobj+0x4d/0x90 [ 1332.123177] cpufreq_policy_free+0x157/0x1d0 [ 1332.123178] ? preempt_count_add+0x58/0xd0 [ 1332.123180] cpufreq_remove_dev+0xb6/0x100 [ 1332.123182] subsys_interface_unregister+0x114/0x120 [ 1332.123185] ? preempt_count_add+0x58/0xd0 [ 1332.123187] ? __pfx_amd_pstate_change_driver_mode+0x10/0x10 [ 1332.123190] cpufreq_unregister_driver+0x3b/0xd0 [ 1332.123192] amd_pstate_change_driver_mode+0x1e/0x50 [ 1332.123194] store_status+0xe9/0x180 [ 1332.123197] dev_attr_store+0x1b/0x30 [ 1332.123199] sysfs_kf_write+0x42/0x50 [ 1332.123202] kernfs_fop_write_iter+0x143/0x1d0 [ 1332.123204] vfs_write+0x2df/0x400 [ 1332.123208] ksys_write+0x6b/0xf0 [ 1332.123210] __x64_sys_write+0x1d/0x30 [ 1332.123213] do_syscall_64+0x60/0x90 [ 1332.123216] ? fpregs_assert_state_consistent+0x2e/0x50 [ 1332.123219] ? exit_to_user_mode_prepare+0x49/0x1a0 [ 1332.123223] ? irqentry_exit_to_user_mode+0xd/0x20 [ 1332.123225] ? irqentry_exit+0x3f/0x50 [ 1332.123226] ? exc_page_fault+0x8e/0x190 [ 1332.123228] entry_SYSCALL_64_after_hwframe+0x6e/0xd8 [ 1332.123232] RIP: 0033:0x7fa74c514a37 [ 1332.123234] RSP: 002b:00007ffe31dd0788 EFLAGS: 00000246 ORIG_RAX: 0000000000000001 [ 1332.123238] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00007fa74c514a37 [ 1332.123239] RDX: 0000000000000008 RSI: 000055e27c447aa0 RDI: 0000000000000001 [ 1332.123241] RBP: 000055e27c447aa0 R08: 00007fa74c5d1460 R09: 000000007fffffff [ 1332.123242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000008 [ 1332.123244] R13: 00007fa74c61a780 R14: 00007fa74c616600 R15: 00007fa74c615a00 [ 1332.123247] </TASK> Fix this by calling cpufreq_cpu_put() wherever necessary. [ rjw: Subject and changelog edits ]
References
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/0f74f12ee042fd72e45f0e8700e063c84ef3883b
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/60dd283804479c4a52f995b713f448e2cd65b8c8
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/84857640c67405eed258c461b3ef909002f1e201
416baaa9-dc9f-4396-8d5f-8c081fb06d67https://git.kernel.org/stable/c/fcf78a17bbb94bebaa912f0460a1848f7d374c94
Impacted products
Vendor Product Version


To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncpufreq: amd-pstate-ut: Fix kernel panic when loading the driver\n\nAfter loading the amd-pstate-ut driver, amd_pstate_ut_check_perf()\nand amd_pstate_ut_check_freq() use cpufreq_cpu_get() to get the policy\nof the CPU and mark it as busy.\n\nIn these functions, cpufreq_cpu_put() should be used to release the\npolicy, but it is not, so any other entity trying to access the policy\nis blocked indefinitely.\n\nOne such scenario is when amd_pstate mode is changed, leading to the\nfollowing splat:\n\n[ 1332.103727] INFO: task bash:2929 blocked for more than 120 seconds.\n[ 1332.110001]       Not tainted 6.5.0-rc2-amd-pstate-ut #5\n[ 1332.115315] \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n[ 1332.123140] task:bash            state:D stack:0     pid:2929  ppid:2873   flags:0x00004006\n[ 1332.123143] Call Trace:\n[ 1332.123145]  \u003cTASK\u003e\n[ 1332.123148]  __schedule+0x3c1/0x16a0\n[ 1332.123154]  ? _raw_read_lock_irqsave+0x2d/0x70\n[ 1332.123157]  schedule+0x6f/0x110\n[ 1332.123160]  schedule_timeout+0x14f/0x160\n[ 1332.123162]  ? preempt_count_add+0x86/0xd0\n[ 1332.123165]  __wait_for_common+0x92/0x190\n[ 1332.123168]  ? __pfx_schedule_timeout+0x10/0x10\n[ 1332.123170]  wait_for_completion+0x28/0x30\n[ 1332.123173]  cpufreq_policy_put_kobj+0x4d/0x90\n[ 1332.123177]  cpufreq_policy_free+0x157/0x1d0\n[ 1332.123178]  ? preempt_count_add+0x58/0xd0\n[ 1332.123180]  cpufreq_remove_dev+0xb6/0x100\n[ 1332.123182]  subsys_interface_unregister+0x114/0x120\n[ 1332.123185]  ? preempt_count_add+0x58/0xd0\n[ 1332.123187]  ? __pfx_amd_pstate_change_driver_mode+0x10/0x10\n[ 1332.123190]  cpufreq_unregister_driver+0x3b/0xd0\n[ 1332.123192]  amd_pstate_change_driver_mode+0x1e/0x50\n[ 1332.123194]  store_status+0xe9/0x180\n[ 1332.123197]  dev_attr_store+0x1b/0x30\n[ 1332.123199]  sysfs_kf_write+0x42/0x50\n[ 1332.123202]  kernfs_fop_write_iter+0x143/0x1d0\n[ 1332.123204]  vfs_write+0x2df/0x400\n[ 1332.123208]  ksys_write+0x6b/0xf0\n[ 1332.123210]  __x64_sys_write+0x1d/0x30\n[ 1332.123213]  do_syscall_64+0x60/0x90\n[ 1332.123216]  ? fpregs_assert_state_consistent+0x2e/0x50\n[ 1332.123219]  ? exit_to_user_mode_prepare+0x49/0x1a0\n[ 1332.123223]  ? irqentry_exit_to_user_mode+0xd/0x20\n[ 1332.123225]  ? irqentry_exit+0x3f/0x50\n[ 1332.123226]  ? exc_page_fault+0x8e/0x190\n[ 1332.123228]  entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n[ 1332.123232] RIP: 0033:0x7fa74c514a37\n[ 1332.123234] RSP: 002b:00007ffe31dd0788 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\n[ 1332.123238] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00007fa74c514a37\n[ 1332.123239] RDX: 0000000000000008 RSI: 000055e27c447aa0 RDI: 0000000000000001\n[ 1332.123241] RBP: 000055e27c447aa0 R08: 00007fa74c5d1460 R09: 000000007fffffff\n[ 1332.123242] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000008\n[ 1332.123244] R13: 00007fa74c61a780 R14: 00007fa74c616600 R15: 00007fa74c615a00\n[ 1332.123247]  \u003c/TASK\u003e\n\nFix this by calling cpufreq_cpu_put() wherever necessary.\n\n[ rjw: Subject and changelog edits ]"
    }
  ],
  "id": "CVE-2023-53563",
  "lastModified": "2025-10-06T14:56:21.733",
  "metrics": {},
  "published": "2025-10-04T16:15:51.757",
  "references": [
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/0f74f12ee042fd72e45f0e8700e063c84ef3883b"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/60dd283804479c4a52f995b713f448e2cd65b8c8"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/84857640c67405eed258c461b3ef909002f1e201"
    },
    {
      "source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "url": "https://git.kernel.org/stable/c/fcf78a17bbb94bebaa912f0460a1848f7d374c94"
    }
  ],
  "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
  "vulnStatus": "Awaiting Analysis"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.