ghsa-c7h5-f667-cvc5
Vulnerability from github
Published
2024-04-02 09:30
Modified
2024-04-02 09:30
Details
In the Linux kernel, the following vulnerability has been resolved:
um: time-travel: fix time corruption
In 'basic' time-travel mode (without =inf-cpu or =ext), we still get timer interrupts. These can happen at arbitrary points in time, i.e. while in timer_read(), which pushes time forward just a little bit. Then, if we happen to get the interrupt after calculating the new time to push to, but before actually finishing that, the interrupt will set the time to a value that's incompatible with the forward, and we'll crash because time goes backwards when we do the forwarding.
Fix this by reading the time_travel_time, calculating the adjustment, and doing the adjustment all with interrupts disabled.
{ "affected": [], "aliases": [ "CVE-2023-52633" ], "database_specific": { "cwe_ids": [], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2024-04-02T07:15:41Z", "severity": null }, "details": "In the Linux kernel, the following vulnerability has been resolved:\n\num: time-travel: fix time corruption\n\nIn \u0027basic\u0027 time-travel mode (without =inf-cpu or =ext), we\nstill get timer interrupts. These can happen at arbitrary\npoints in time, i.e. while in timer_read(), which pushes\ntime forward just a little bit. Then, if we happen to get\nthe interrupt after calculating the new time to push to,\nbut before actually finishing that, the interrupt will set\nthe time to a value that\u0027s incompatible with the forward,\nand we\u0027ll crash because time goes backwards when we do the\nforwarding.\n\nFix this by reading the time_travel_time, calculating the\nadjustment, and doing the adjustment all with interrupts\ndisabled.", "id": "GHSA-c7h5-f667-cvc5", "modified": "2024-04-02T09:30:40Z", "published": "2024-04-02T09:30:40Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-52633" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/0c7478a2da3f5fe106b4658338873d50c86ac7ab" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/4f7dad73df4cdb2b7042103d3922745d040ad025" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/abe4eaa8618bb36c2b33e9cdde0499296a23448c" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/b427f55e9d4185f6f17cc1e3296eb8d0c4425283" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/de3e9d8e8d1ae0a4d301109d1ec140796901306c" } ], "schema_version": "1.4.0", "severity": [] }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.