DEBIAN-CVE-2023-52835

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/DEBIAN-CVE-2023-52835

Import Source

https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2023-52835.json

JSON Data

https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2023-52835

Upstream

CVE-2023-52835

Published

2024-05-21T16:15:21Z

Modified

2025-09-19T07:33:35.461754Z

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved: perf/core: Bail out early if the request AUX area is out of bound When perf-record with a large AUX area, e.g 4GB, it fails with: #perf record -C 0 -m ,4G -e armspe0// -- sleep 1 failed to mmap with 12 (Cannot allocate memory) and it reveals a WARNING with _allocpages(): ------------[ cut here ]------------ WARNING: CPU: 44 PID: 17573 at mm/pagealloc.c:5568 _allocpages+0x1ec/0x248 Call trace: _allocpages+0x1ec/0x248 _kmalloclargenode+0xc0/0x1f8 _kmallocnode+0x134/0x1e8 rballocaux+0xe0/0x298 perfmmap+0x440/0x660 mmapregion+0x308/0x8a8 dommap+0x3c0/0x528 vmmmappgoff+0xf4/0x1b8 ksysmmappgoff+0x18c/0x218 _arm64sysmmap+0x38/0x58 invokesyscall+0x50/0x128 el0svccommon.constprop.0+0x58/0x188 doel0svc+0x34/0x50 el0svc+0x34/0x108 el0t64synchandler+0xb8/0xc0 el0t64sync+0x1a4/0x1a8 'rb->auxpages' allocated by kcalloc() is a pointer array which is used to maintains AUX trace pages. The allocated page for this array is physically contiguous (and virtually contiguous) with an order of 0..MAXORDER. If the size of pointer array crosses the limitation set by MAXORDER, it reveals a WARNING. So bail out early with -ENOMEM if the request AUX area is out of bound, e.g.: #perf record -C 0 -m ,4G -e armspe0// -- sleep 1 failed to mmap with 12 (Cannot allocate memory)

References

https://security-tracker.debian.org/tracker/CVE-2023-52835

Affected packages

Debian:11 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.10.205-1

Affected versions

5.*

5.10.46-4

5.10.46-5

5.10.70-1~bpo10+1

5.10.70-1

5.10.84-1

5.10.92-1~bpo10+1

5.10.92-1

5.10.92-2

5.10.103-1~bpo10+1

5.10.103-1

5.10.106-1

5.10.113-1

5.10.120-1~bpo10+1

5.10.120-1

5.10.127-1

5.10.127-2~bpo10+1

5.10.127-2

5.10.136-1

5.10.140-1

5.10.148-1

5.10.149-1

5.10.149-2

5.10.158-1

5.10.158-2

5.10.162-1

5.10.178-1

5.10.178-2

5.10.178-3

5.10.179-1

5.10.179-2

5.10.179-3

5.10.179-4

5.10.179-5

5.10.191-1

5.10.197-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.1.64-1

Affected versions

6.*

6.1.27-1

6.1.37-1

6.1.38-1

6.1.38-2~bpo11+1

6.1.38-2

6.1.38-3

6.1.38-4~bpo11+1

6.1.38-4

6.1.52-1

6.1.55-1~bpo11+1

6.1.55-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.6.8-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:14 / linux

Package

Name: linux
Purl: pkg:deb/debian/linux?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

6.6.8-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}