DEBIAN-CVE-2023-54246

See a problem?
Please try reporting it to the source first.
Source
https://security-tracker.debian.org/tracker/CVE-2023-54246
Import Source
https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2023-54246.json
JSON Data
https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2023-54246
Upstream
Published
2025-12-30T13:16:13.210Z
Modified
2025-12-31T11:20:38.840572Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved: rcuscale: Move rcuscalewriter() scheduletimeoutuninterruptible() to idle() The rcuscale.holdoff module parameter can be used to delay the start of rcuscalewriter() kthread. However, the hung-task timeout will trigger when the timeout specified by rcuscale.holdoff is greater than hungtasktimeoutsecs: runqemu kvm nographic slirp qemuparams="-smp 4 -m 2048M" bootparams="rcuscale.shutdown=0 rcuscale.holdoff=300" [ 247.071753] INFO: task rcuscalewrite:59 blocked for more than 122 seconds. [ 247.072529] Not tainted 6.4.0-rc1-00134-gb9ed6de8d4ff #7 [ 247.073400] "echo 0 > /proc/sys/kernel/hungtasktimeoutsecs" disables this message. [ 247.074331] task:rcuscalewrite state:D stack:30144 pid:59 ppid:2 flags:0x00004000 [ 247.075346] Call Trace: [ 247.075660] <TASK> [ 247.075965] schedule+0x635/0x1280 [ 247.076448] ? _pfxschedule+0x10/0x10 [ 247.076967] ? scheduletimeout+0x2dc/0x4d0 [ 247.077471] ? _pfxlockrelease+0x10/0x10 [ 247.078018] ? enqueuetimer+0xe2/0x220 [ 247.078522] schedule+0x84/0x120 [ 247.078957] scheduletimeout+0x2e1/0x4d0 [ 247.079447] ? _pfxscheduletimeout+0x10/0x10 [ 247.080032] ? _pfxrcuscalewriter+0x10/0x10 [ 247.080591] ? _pfxprocesstimeout+0x10/0x10 [ 247.081163] ? _pfxschedsetfifolow+0x10/0x10 [ 247.081760] ? _pfxrcuscalewriter+0x10/0x10 [ 247.082287] rcuscalewriter+0x6b1/0x7f0 [ 247.082773] ? markheldlocks+0x29/0xa0 [ 247.083252] ? _pfxrcuscalewriter+0x10/0x10 [ 247.083865] ? _pfxrcuscalewriter+0x10/0x10 [ 247.084412] kthread+0x179/0x1c0 [ 247.084759] ? _pfxkthread+0x10/0x10 [ 247.085098] retfromfork+0x2c/0x50 [ 247.085433] </TASK> This commit therefore replaces scheduletimeoutuninterruptible() with scheduletimeoutidle().

References

Affected packages

Debian:11 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.10.197-1

Affected versions

5.*
5.10.46-4
5.10.46-5
5.10.70-1~bpo10+1
5.10.70-1
5.10.84-1
5.10.92-1~bpo10+1
5.10.92-1
5.10.92-2
5.10.103-1~bpo10+1
5.10.103-1
5.10.106-1
5.10.113-1
5.10.120-1~bpo10+1
5.10.120-1
5.10.127-1
5.10.127-2~bpo10+1
5.10.127-2
5.10.136-1
5.10.140-1
5.10.148-1
5.10.149-1
5.10.149-2
5.10.158-1
5.10.158-2
5.10.162-1
5.10.178-1
5.10.178-2
5.10.178-3
5.10.179-1
5.10.179-2
5.10.179-3
5.10.179-4
5.10.179-5
5.10.191-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source 
"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2023-54246.json"

Debian:12 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.1.55-1

Affected versions

6.*
6.1.27-1
6.1.37-1
6.1.38-1
6.1.38-2~bpo11+1
6.1.38-2
6.1.38-3
6.1.38-4~bpo11+1
6.1.38-4
6.1.52-1
6.1.55-1~bpo11+1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source 
"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2023-54246.json"

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.5.6-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source 
"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2023-54246.json"

Debian:14 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.5.6-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Database specific

source 
"https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2023-54246.json"