CVE-2023-52942
- Source
- https://cve.org/CVERecord?id=CVE-2023-52942
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-52942.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-52942
- Downstream
- Published
- 2025-03-27T16:37:20.155Z
- Modified
- 2026-03-20T12:31:34.123106Z
- Summary
- cgroup/cpuset: Fix wrong check in update_parent_subparts_cpumask()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
cgroup/cpuset: Fix wrong check in updateparentsubparts_cpumask()
It was found that the check to see if a partition could use up all the cpus from the parent cpuset in updateparentsubparts_cpumask() was incorrect. As a result, it is possible to leave parent with no effective cpu left even if there are tasks in the parent cpuset. This can lead to system panic as reported in [1].
Fix this probem by updating the check to fail the enabling the partition if parent's effectivecpus is a subset of the child's cpusallowed.
Also record the error code when an error happens in update_prstate() and add a test case where parent partition and child have the same cpu list and parent has task. Enabling partition in the child will fail in this case.
[1] https://www.spinics.net/lists/cgroups/msg36254.html
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52942.json" }- References
-
- https://git.kernel.org/stable/c/a2ab7f2cf5ef8f0c6212a246e681d1fe358cec1f
- https://git.kernel.org/stable/c/e5ae8803847b80fe9d744a3174abe2b7bfed222a
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/52xxx/CVE-2023-52942.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-52942
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git