中危 Linux 内核事件处理中可能出现死锁 (CVE-2023-34324)

CVE编号

CVE-2023-34324

利用情况

暂无

补丁情况

官方补丁

披露时间

2024-01-06
漏洞描述
Closing of an event channel in the Linux kernel can result in a deadlock.
This happens when the close is being performed in parallel to an unrelated
Xen console action and the handling of a Xen console interrupt in an
unprivileged guest.

The closing of an event channel is e.g. triggered by removal of a
paravirtual device on the other side. As this action will cause console
messages to be issued on the other side quite often, the chance of
triggering the deadlock is not neglectable.

Note that 32-bit Arm-guests are not affected, as the 32-bit Linux kernel
on Arm doesn't use queued-RW-locks, which are required to trigger the
issue (on Arm32 a waiting writer doesn't block further readers to get
the lock).

解决建议
建议您更新当前系统或软件至最新版,完成漏洞的修复。
参考链接
https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html
https://lists.debian.org/debian-lts-announce/2024/01/msg00005.html
https://xenbits.xenproject.org/xsa/advisory-441.html
受影响软件情况
# 类型 厂商 产品 版本 影响面
1
运行在以下环境
系统 amazon_2 kernel * Up to
(excluding)
5.4.258-171.360.amzn2
运行在以下环境
系统 amazon_2023 kernel * Up to
(excluding)
6.1.59-84.139.amzn2023
运行在以下环境
系统 amazon_AMI kernel * Up to
(excluding)
4.14.328-174.540.amzn1
运行在以下环境
系统 debian_11 linux * Up to
(excluding)
5.10.205-2
运行在以下环境
系统 debian_12 linux * Up to
(excluding)
6.1.64-1
运行在以下环境
系统 linux linux_kernel * Up to
(excluding)
5.10
运行在以下环境
系统 opensuse_5.3 kernel * Up to
(excluding)
5.14.21-150400.15.59.1
运行在以下环境
系统 opensuse_5.4 kernel * Up to
(excluding)
5.14.21-150400.15.59.1
运行在以下环境
系统 opensuse_Leap_15.4 dtb-al * Up to
(excluding)
5.3.18-150300.59.141.1
运行在以下环境
系统 opensuse_Leap_15.5 kernel * Up to
(excluding)
4.12.14-150100.197.160.1
运行在以下环境
系统 suse_12_SP5 kernel * Up to
(excluding)
4.12.14-16.155.1
运行在以下环境
系统 xen xen - -
阿里云评分
4.3
  • 攻击路径
    本地
  • 攻击复杂度
    困难
  • 权限要求
    管控权限
  • 影响范围
    有限影响
  • EXP成熟度
    未验证
  • 补丁情况
    官方补丁
  • 数据保密性
    无影响
  • 数据完整性
    无影响
  • 服务器危害
    无影响
  • 全网数量
    N/A
CWE-ID 漏洞类型
CWE-400 未加控制的资源消耗(资源穷尽)
阿里云安全产品覆盖情况