CVE-2023-53478

In the Linux kernel, the following vulnerability has been resolved:

tracing/synthetic: Fix races on freeing last_cmd

Currently, the last_cmd variable can be accessed by multiple processes asynchronously when multiple users manipulate synthetic_events node at the same time, it could lead to use-after-free or double-free.

This patch add lastcmd_mutex to prevent last_cmd from being accessed asynchronously.

================================================================

Its easy to reproduce in the KASAN environment by running the two scripts below in different shells.

script 1: while : do echo -n -e x88 > /sys/kernel/tracing/synthetic_events done

script 2: while : do echo -n -e xb0 > /sys/kernel/tracing/synthetic_events done

================================================================ double-free scenario:

process A                       process B

1.kstrdup last_cmd 2.free last_cmd 3.free last_cmd(double-free)

================================================================ use-after-free scenario:

process A                       process B

1.kstrdup last_cmd 2.free last_cmd 3.tracing_log_err(use-after-free)

================================================================

Appendix 1. KASAN report double-free:

BUG: KASAN: double-free in kfree+0xdc/0x1d4 Free of addr ***** by task sh/4879 Call trace: … kfree+0xdc/0x1d4 create_or_delete_synth_event+0x60/0x1e8 trace_parse_run_command+0x2bc/0x4b8 synth_events_write+0x20/0x30 vfs_write+0x200/0x830 …

Allocated by task 4879: … kstrdup+0x5c/0x98 create_or_delete_synth_event+0x6c/0x1e8 trace_parse_run_command+0x2bc/0x4b8 synth_events_write+0x20/0x30 vfs_write+0x200/0x830 …

Freed by task 5464: … kfree+0xdc/0x1d4 create_or_delete_synth_event+0x60/0x1e8 trace_parse_run_command+0x2bc/0x4b8 synth_events_write+0x20/0x30 vfs_write+0x200/0x830 …

================================================================ Appendix 2. KASAN report use-after-free:

BUG: KASAN: use-after-free in strlen+0x5c/0x7c Read of size 1 at addr ***** by task sh/5483 sh: CPU: 7 PID: 5483 Comm: sh … __asan_report_load1_noabort+0x34/0x44 strlen+0x5c/0x7c tracing_log_err+0x60/0x444 create_or_delete_synth_event+0xc4/0x204 trace_parse_run_command+0x2bc/0x4b8 synth_events_write+0x20/0x30 vfs_write+0x200/0x830 …

Allocated by task 5483: … kstrdup+0x5c/0x98 create_or_delete_synth_event+0x80/0x204 trace_parse_run_command+0x2bc/0x4b8 synth_events_write+0x20/0x30 vfs_write+0x200/0x830 …

Freed by task 5480: … kfree+0xdc/0x1d4 create_or_delete_synth_event+0x74/0x204 trace_parse_run_command+0x2bc/0x4b8 synth_events_write+0x20/0x30 vfs_write+0x200/0x830 …

Weakness

The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.

Affected Software

Name	Vendor	Start Version	End Version
Linux_kernel	Linux	5.18 (including)	6.1.24 (excluding)
Linux_kernel	Linux	6.2 (including)	6.2.11 (excluding)
Linux_kernel	Linux	6.3-rc1 (including)	6.3-rc1 (including)
Linux_kernel	Linux	6.3-rc2 (including)	6.3-rc2 (including)
Linux_kernel	Linux	6.3-rc3 (including)	6.3-rc3 (including)
Linux_kernel	Linux	6.3-rc4 (including)	6.3-rc4 (including)
Linux_kernel	Linux	6.3-rc5 (including)	6.3-rc5 (including)
Linux	Ubuntu	bionic	*
Linux	Ubuntu	esm-infra-legacy/trusty	*
Linux	Ubuntu	esm-infra/bionic	*
Linux	Ubuntu	esm-infra/focal	*
Linux	Ubuntu	esm-infra/xenial	*
Linux	Ubuntu	focal	*
Linux	Ubuntu	jammy	*
Linux	Ubuntu	trusty	*
Linux	Ubuntu	trusty/esm	*
Linux	Ubuntu	upstream	*
Linux	Ubuntu	xenial	*
Linux-allwinner-5.19	Ubuntu	jammy	*
Linux-allwinner-5.19	Ubuntu	upstream	*
Linux-aws	Ubuntu	bionic	*
Linux-aws	Ubuntu	esm-infra-legacy/trusty	*
Linux-aws	Ubuntu	esm-infra/bionic	*
Linux-aws	Ubuntu	esm-infra/focal	*
Linux-aws	Ubuntu	esm-infra/xenial	*
Linux-aws	Ubuntu	focal	*
Linux-aws	Ubuntu	jammy	*
Linux-aws	Ubuntu	trusty	*
Linux-aws	Ubuntu	trusty/esm	*
Linux-aws	Ubuntu	upstream	*
Linux-aws	Ubuntu	xenial	*
Linux-aws-5.0	Ubuntu	bionic	*
Linux-aws-5.0	Ubuntu	esm-infra/bionic	*
Linux-aws-5.0	Ubuntu	upstream	*
Linux-aws-5.11	Ubuntu	esm-infra/focal	*
Linux-aws-5.11	Ubuntu	focal	*
Linux-aws-5.11	Ubuntu	upstream	*
Linux-aws-5.13	Ubuntu	esm-infra/focal	*
Linux-aws-5.13	Ubuntu	focal	*
Linux-aws-5.13	Ubuntu	upstream	*
Linux-aws-5.15	Ubuntu	esm-infra/focal	*
Linux-aws-5.15	Ubuntu	focal	*
Linux-aws-5.15	Ubuntu	upstream	*
Linux-aws-5.19	Ubuntu	jammy	*
Linux-aws-5.19	Ubuntu	upstream	*
Linux-aws-5.3	Ubuntu	bionic	*
Linux-aws-5.3	Ubuntu	esm-infra/bionic	*
Linux-aws-5.3	Ubuntu	upstream	*
Linux-aws-5.4	Ubuntu	bionic	*
Linux-aws-5.4	Ubuntu	esm-infra/bionic	*
Linux-aws-5.4	Ubuntu	upstream	*
Linux-aws-5.8	Ubuntu	esm-infra/focal	*
Linux-aws-5.8	Ubuntu	focal	*
Linux-aws-5.8	Ubuntu	upstream	*
Linux-aws-6.14	Ubuntu	upstream	*
Linux-aws-6.2	Ubuntu	jammy	*
Linux-aws-6.2	Ubuntu	upstream	*
Linux-aws-6.5	Ubuntu	jammy	*
Linux-aws-6.5	Ubuntu	upstream	*
Linux-aws-6.8	Ubuntu	upstream	*
Linux-aws-fips	Ubuntu	fips-preview/jammy	*
Linux-aws-fips	Ubuntu	fips-updates/bionic	*
Linux-aws-fips	Ubuntu	fips-updates/focal	*
Linux-aws-fips	Ubuntu	fips-updates/jammy	*
Linux-aws-fips	Ubuntu	fips/bionic	*
Linux-aws-fips	Ubuntu	fips/focal	*
Linux-aws-fips	Ubuntu	trusty	*
Linux-aws-fips	Ubuntu	upstream	*
Linux-aws-fips	Ubuntu	xenial	*
Linux-aws-hwe	Ubuntu	esm-infra/xenial	*
Linux-aws-hwe	Ubuntu	upstream	*
Linux-aws-hwe	Ubuntu	xenial	*
Linux-azure	Ubuntu	bionic	*
Linux-azure	Ubuntu	esm-infra-legacy/trusty	*
Linux-azure	Ubuntu	esm-infra/bionic	*
Linux-azure	Ubuntu	esm-infra/focal	*
Linux-azure	Ubuntu	esm-infra/xenial	*
Linux-azure	Ubuntu	focal	*
Linux-azure	Ubuntu	jammy	*
Linux-azure	Ubuntu	trusty	*
Linux-azure	Ubuntu	trusty/esm	*
Linux-azure	Ubuntu	upstream	*
Linux-azure	Ubuntu	xenial	*
Linux-azure-4.15	Ubuntu	bionic	*
Linux-azure-4.15	Ubuntu	esm-infra/bionic	*
Linux-azure-4.15	Ubuntu	upstream	*
Linux-azure-5.11	Ubuntu	esm-infra/focal	*
Linux-azure-5.11	Ubuntu	focal	*
Linux-azure-5.11	Ubuntu	upstream	*
Linux-azure-5.13	Ubuntu	esm-infra/focal	*
Linux-azure-5.13	Ubuntu	focal	*
Linux-azure-5.13	Ubuntu	upstream	*
Linux-azure-5.15	Ubuntu	esm-infra/focal	*
Linux-azure-5.15	Ubuntu	focal	*
Linux-azure-5.15	Ubuntu	upstream	*
Linux-azure-5.19	Ubuntu	jammy	*
Linux-azure-5.19	Ubuntu	upstream	*
Linux-azure-5.3	Ubuntu	bionic	*
Linux-azure-5.3	Ubuntu	esm-infra/bionic	*
Linux-azure-5.3	Ubuntu	upstream	*
Linux-azure-5.4	Ubuntu	bionic	*
Linux-azure-5.4	Ubuntu	esm-infra/bionic	*
Linux-azure-5.4	Ubuntu	upstream	*
Linux-azure-5.8	Ubuntu	esm-infra/focal	*
Linux-azure-5.8	Ubuntu	focal	*
Linux-azure-5.8	Ubuntu	upstream	*
Linux-azure-6.11	Ubuntu	noble	*
Linux-azure-6.11	Ubuntu	upstream	*
Linux-azure-6.14	Ubuntu	upstream	*
Linux-azure-6.2	Ubuntu	jammy	*
Linux-azure-6.2	Ubuntu	upstream	*
Linux-azure-6.5	Ubuntu	jammy	*
Linux-azure-6.5	Ubuntu	upstream	*
Linux-azure-6.8	Ubuntu	upstream	*
Linux-azure-edge	Ubuntu	bionic	*
Linux-azure-edge	Ubuntu	esm-infra/bionic	*
Linux-azure-edge	Ubuntu	upstream	*
Linux-azure-fde	Ubuntu	esm-infra/focal	*
Linux-azure-fde	Ubuntu	focal	*
Linux-azure-fde	Ubuntu	jammy	*
Linux-azure-fde	Ubuntu	upstream	*
Linux-azure-fde-5.15	Ubuntu	esm-infra/focal	*
Linux-azure-fde-5.15	Ubuntu	focal	*
Linux-azure-fde-5.15	Ubuntu	upstream	*
Linux-azure-fde-5.19	Ubuntu	jammy	*
Linux-azure-fde-5.19	Ubuntu	upstream	*
Linux-azure-fde-6.14	Ubuntu	upstream	*
Linux-azure-fde-6.2	Ubuntu	jammy	*
Linux-azure-fde-6.2	Ubuntu	upstream	*
Linux-azure-fde-6.8	Ubuntu	upstream	*
Linux-azure-fips	Ubuntu	fips-preview/jammy	*
Linux-azure-fips	Ubuntu	fips-updates/bionic	*
Linux-azure-fips	Ubuntu	fips-updates/focal	*
Linux-azure-fips	Ubuntu	fips-updates/jammy	*
Linux-azure-fips	Ubuntu	fips/bionic	*
Linux-azure-fips	Ubuntu	fips/focal	*
Linux-azure-fips	Ubuntu	trusty	*
Linux-azure-fips	Ubuntu	upstream	*
Linux-azure-fips	Ubuntu	xenial	*
Linux-azure-nvidia	Ubuntu	upstream	*
Linux-azure-nvidia-6.14	Ubuntu	upstream	*
Linux-bluefield	Ubuntu	bluefield/jammy	*
Linux-bluefield	Ubuntu	esm-infra/focal	*
Linux-bluefield	Ubuntu	focal	*
Linux-bluefield	Ubuntu	upstream	*
Linux-fips	Ubuntu	fips-preview/jammy	*
Linux-fips	Ubuntu	fips-updates/bionic	*
Linux-fips	Ubuntu	fips-updates/focal	*
Linux-fips	Ubuntu	fips-updates/jammy	*
Linux-fips	Ubuntu	fips-updates/xenial	*
Linux-fips	Ubuntu	fips/bionic	*
Linux-fips	Ubuntu	fips/focal	*
Linux-fips	Ubuntu	fips/xenial	*
Linux-fips	Ubuntu	upstream	*
Linux-gcp	Ubuntu	bionic	*
Linux-gcp	Ubuntu	esm-infra/bionic	*
Linux-gcp	Ubuntu	esm-infra/focal	*
Linux-gcp	Ubuntu	esm-infra/xenial	*
Linux-gcp	Ubuntu	focal	*
Linux-gcp	Ubuntu	jammy	*
Linux-gcp	Ubuntu	upstream	*
Linux-gcp	Ubuntu	xenial	*
Linux-gcp-4.15	Ubuntu	bionic	*
Linux-gcp-4.15	Ubuntu	esm-infra/bionic	*
Linux-gcp-4.15	Ubuntu	upstream	*
Linux-gcp-5.11	Ubuntu	esm-infra/focal	*
Linux-gcp-5.11	Ubuntu	focal	*
Linux-gcp-5.11	Ubuntu	upstream	*
Linux-gcp-5.13	Ubuntu	esm-infra/focal	*
Linux-gcp-5.13	Ubuntu	focal	*
Linux-gcp-5.13	Ubuntu	upstream	*
Linux-gcp-5.15	Ubuntu	esm-infra/focal	*
Linux-gcp-5.15	Ubuntu	focal	*
Linux-gcp-5.15	Ubuntu	upstream	*
Linux-gcp-5.19	Ubuntu	jammy	*
Linux-gcp-5.19	Ubuntu	upstream	*
Linux-gcp-5.3	Ubuntu	bionic	*
Linux-gcp-5.3	Ubuntu	esm-infra/bionic	*
Linux-gcp-5.3	Ubuntu	upstream	*
Linux-gcp-5.4	Ubuntu	bionic	*
Linux-gcp-5.4	Ubuntu	esm-infra/bionic	*
Linux-gcp-5.4	Ubuntu	upstream	*
Linux-gcp-5.8	Ubuntu	esm-infra/focal	*
Linux-gcp-5.8	Ubuntu	focal	*
Linux-gcp-5.8	Ubuntu	upstream	*
Linux-gcp-6.11	Ubuntu	noble	*
Linux-gcp-6.11	Ubuntu	upstream	*
Linux-gcp-6.14	Ubuntu	upstream	*
Linux-gcp-6.2	Ubuntu	jammy	*
Linux-gcp-6.2	Ubuntu	upstream	*
Linux-gcp-6.5	Ubuntu	jammy	*
Linux-gcp-6.5	Ubuntu	upstream	*
Linux-gcp-6.8	Ubuntu	upstream	*
Linux-gcp-fips	Ubuntu	fips-preview/jammy	*
Linux-gcp-fips	Ubuntu	fips-updates/bionic	*
Linux-gcp-fips	Ubuntu	fips-updates/focal	*
Linux-gcp-fips	Ubuntu	fips-updates/jammy	*
Linux-gcp-fips	Ubuntu	fips/bionic	*
Linux-gcp-fips	Ubuntu	fips/focal	*
Linux-gcp-fips	Ubuntu	trusty	*
Linux-gcp-fips	Ubuntu	upstream	*
Linux-gcp-fips	Ubuntu	xenial	*
Linux-gke	Ubuntu	esm-infra/focal	*
Linux-gke	Ubuntu	focal	*
Linux-gke	Ubuntu	jammy	*
Linux-gke	Ubuntu	upstream	*
Linux-gke	Ubuntu	xenial	*
Linux-gke-4.15	Ubuntu	bionic	*
Linux-gke-4.15	Ubuntu	esm-infra/bionic	*
Linux-gke-4.15	Ubuntu	upstream	*
Linux-gke-5.15	Ubuntu	esm-infra/focal	*
Linux-gke-5.15	Ubuntu	focal	*
Linux-gke-5.15	Ubuntu	upstream	*
Linux-gke-5.4	Ubuntu	bionic	*
Linux-gke-5.4	Ubuntu	esm-infra/bionic	*
Linux-gke-5.4	Ubuntu	upstream	*
Linux-gkeop	Ubuntu	esm-infra/focal	*
Linux-gkeop	Ubuntu	focal	*
Linux-gkeop	Ubuntu	jammy	*
Linux-gkeop	Ubuntu	upstream	*
Linux-gkeop-5.15	Ubuntu	esm-infra/focal	*
Linux-gkeop-5.15	Ubuntu	focal	*
Linux-gkeop-5.15	Ubuntu	upstream	*
Linux-gkeop-5.4	Ubuntu	bionic	*
Linux-gkeop-5.4	Ubuntu	esm-infra/bionic	*
Linux-gkeop-5.4	Ubuntu	upstream	*
Linux-hwe	Ubuntu	bionic	*
Linux-hwe	Ubuntu	esm-infra/bionic	*
Linux-hwe	Ubuntu	esm-infra/xenial	*
Linux-hwe	Ubuntu	upstream	*
Linux-hwe	Ubuntu	xenial	*
Linux-hwe-5.11	Ubuntu	esm-infra/focal	*
Linux-hwe-5.11	Ubuntu	focal	*
Linux-hwe-5.11	Ubuntu	upstream	*
Linux-hwe-5.13	Ubuntu	esm-infra/focal	*
Linux-hwe-5.13	Ubuntu	focal	*
Linux-hwe-5.13	Ubuntu	upstream	*
Linux-hwe-5.15	Ubuntu	esm-infra/focal	*
Linux-hwe-5.15	Ubuntu	focal	*
Linux-hwe-5.15	Ubuntu	upstream	*
Linux-hwe-5.19	Ubuntu	jammy	*
Linux-hwe-5.19	Ubuntu	upstream	*
Linux-hwe-5.4	Ubuntu	bionic	*
Linux-hwe-5.4	Ubuntu	esm-infra/bionic	*
Linux-hwe-5.4	Ubuntu	upstream	*
Linux-hwe-5.8	Ubuntu	esm-infra/focal	*
Linux-hwe-5.8	Ubuntu	focal	*
Linux-hwe-5.8	Ubuntu	upstream	*
Linux-hwe-6.11	Ubuntu	noble	*
Linux-hwe-6.11	Ubuntu	upstream	*
Linux-hwe-6.14	Ubuntu	upstream	*
Linux-hwe-6.2	Ubuntu	jammy	*
Linux-hwe-6.2	Ubuntu	upstream	*
Linux-hwe-6.5	Ubuntu	jammy	*
Linux-hwe-6.5	Ubuntu	upstream	*
Linux-hwe-6.8	Ubuntu	upstream	*
Linux-hwe-edge	Ubuntu	bionic	*
Linux-hwe-edge	Ubuntu	esm-infra/bionic	*
Linux-hwe-edge	Ubuntu	esm-infra/xenial	*
Linux-hwe-edge	Ubuntu	upstream	*
Linux-hwe-edge	Ubuntu	xenial	*
Linux-ibm	Ubuntu	esm-infra/focal	*
Linux-ibm	Ubuntu	focal	*
Linux-ibm	Ubuntu	jammy	*
Linux-ibm	Ubuntu	upstream	*
Linux-ibm-5.15	Ubuntu	esm-infra/focal	*
Linux-ibm-5.15	Ubuntu	focal	*
Linux-ibm-5.15	Ubuntu	upstream	*
Linux-ibm-5.4	Ubuntu	bionic	*
Linux-ibm-5.4	Ubuntu	esm-infra/bionic	*
Linux-ibm-5.4	Ubuntu	upstream	*
Linux-ibm-6.8	Ubuntu	upstream	*
Linux-intel	Ubuntu	noble	*
Linux-intel	Ubuntu	upstream	*
Linux-intel-5.13	Ubuntu	esm-infra/focal	*
Linux-intel-5.13	Ubuntu	focal	*
Linux-intel-5.13	Ubuntu	upstream	*
Linux-intel-iot-realtime	Ubuntu	jammy	*
Linux-intel-iot-realtime	Ubuntu	realtime/jammy	*
Linux-intel-iot-realtime	Ubuntu	upstream	*
Linux-intel-iotg	Ubuntu	jammy	*
Linux-intel-iotg	Ubuntu	upstream	*
Linux-intel-iotg-5.15	Ubuntu	esm-infra/focal	*
Linux-intel-iotg-5.15	Ubuntu	focal	*
Linux-intel-iotg-5.15	Ubuntu	upstream	*
Linux-iot	Ubuntu	esm-infra/focal	*
Linux-iot	Ubuntu	focal	*
Linux-iot	Ubuntu	upstream	*
Linux-kvm	Ubuntu	bionic	*
Linux-kvm	Ubuntu	esm-infra/bionic	*
Linux-kvm	Ubuntu	esm-infra/focal	*
Linux-kvm	Ubuntu	esm-infra/xenial	*
Linux-kvm	Ubuntu	focal	*
Linux-kvm	Ubuntu	jammy	*
Linux-kvm	Ubuntu	upstream	*
Linux-kvm	Ubuntu	xenial	*
Linux-lowlatency	Ubuntu	jammy	*
Linux-lowlatency	Ubuntu	upstream	*
Linux-lowlatency-hwe-5.15	Ubuntu	esm-infra/focal	*
Linux-lowlatency-hwe-5.15	Ubuntu	focal	*
Linux-lowlatency-hwe-5.15	Ubuntu	upstream	*
Linux-lowlatency-hwe-5.19	Ubuntu	jammy	*
Linux-lowlatency-hwe-5.19	Ubuntu	upstream	*
Linux-lowlatency-hwe-6.11	Ubuntu	noble	*
Linux-lowlatency-hwe-6.11	Ubuntu	upstream	*
Linux-lowlatency-hwe-6.2	Ubuntu	jammy	*
Linux-lowlatency-hwe-6.2	Ubuntu	upstream	*
Linux-lowlatency-hwe-6.5	Ubuntu	jammy	*
Linux-lowlatency-hwe-6.5	Ubuntu	upstream	*
Linux-lowlatency-hwe-6.8	Ubuntu	upstream	*
Linux-lts-xenial	Ubuntu	esm-infra-legacy/trusty	*
Linux-lts-xenial	Ubuntu	trusty	*
Linux-lts-xenial	Ubuntu	trusty/esm	*
Linux-lts-xenial	Ubuntu	upstream	*
Linux-nvidia	Ubuntu	jammy	*
Linux-nvidia	Ubuntu	upstream	*
Linux-nvidia-6.11	Ubuntu	upstream	*
Linux-nvidia-6.2	Ubuntu	jammy	*
Linux-nvidia-6.2	Ubuntu	upstream	*
Linux-nvidia-6.5	Ubuntu	jammy	*
Linux-nvidia-6.5	Ubuntu	upstream	*
Linux-nvidia-6.8	Ubuntu	upstream	*
Linux-nvidia-lowlatency	Ubuntu	upstream	*
Linux-nvidia-tegra	Ubuntu	jammy	*
Linux-nvidia-tegra	Ubuntu	upstream	*
Linux-nvidia-tegra-5.15	Ubuntu	esm-infra/focal	*
Linux-nvidia-tegra-5.15	Ubuntu	focal	*
Linux-nvidia-tegra-5.15	Ubuntu	upstream	*
Linux-nvidia-tegra-igx	Ubuntu	jammy	*
Linux-nvidia-tegra-igx	Ubuntu	upstream	*
Linux-oem	Ubuntu	bionic	*
Linux-oem	Ubuntu	esm-infra/bionic	*
Linux-oem	Ubuntu	upstream	*
Linux-oem	Ubuntu	xenial	*
Linux-oem-5.10	Ubuntu	esm-infra/focal	*
Linux-oem-5.10	Ubuntu	focal	*
Linux-oem-5.10	Ubuntu	upstream	*
Linux-oem-5.13	Ubuntu	esm-infra/focal	*
Linux-oem-5.13	Ubuntu	focal	*
Linux-oem-5.13	Ubuntu	upstream	*
Linux-oem-5.14	Ubuntu	esm-infra/focal	*
Linux-oem-5.14	Ubuntu	focal	*
Linux-oem-5.14	Ubuntu	upstream	*
Linux-oem-5.17	Ubuntu	jammy	*
Linux-oem-5.17	Ubuntu	upstream	*
Linux-oem-5.6	Ubuntu	esm-infra/focal	*
Linux-oem-5.6	Ubuntu	focal	*
Linux-oem-5.6	Ubuntu	upstream	*
Linux-oem-6.0	Ubuntu	jammy	*
Linux-oem-6.0	Ubuntu	upstream	*
Linux-oem-6.1	Ubuntu	jammy	*
Linux-oem-6.1	Ubuntu	upstream	*
Linux-oem-6.11	Ubuntu	noble	*
Linux-oem-6.11	Ubuntu	upstream	*
Linux-oem-6.14	Ubuntu	upstream	*
Linux-oem-6.17	Ubuntu	upstream	*
Linux-oem-6.5	Ubuntu	jammy	*
Linux-oem-6.5	Ubuntu	upstream	*
Linux-oem-6.8	Ubuntu	noble	*
Linux-oem-6.8	Ubuntu	upstream	*
Linux-oracle	Ubuntu	bionic	*
Linux-oracle	Ubuntu	esm-infra/bionic	*
Linux-oracle	Ubuntu	esm-infra/focal	*
Linux-oracle	Ubuntu	esm-infra/xenial	*
Linux-oracle	Ubuntu	focal	*
Linux-oracle	Ubuntu	jammy	*
Linux-oracle	Ubuntu	upstream	*
Linux-oracle	Ubuntu	xenial	*
Linux-oracle-5.0	Ubuntu	bionic	*
Linux-oracle-5.0	Ubuntu	esm-infra/bionic	*
Linux-oracle-5.0	Ubuntu	upstream	*
Linux-oracle-5.11	Ubuntu	esm-infra/focal	*
Linux-oracle-5.11	Ubuntu	focal	*
Linux-oracle-5.11	Ubuntu	upstream	*
Linux-oracle-5.13	Ubuntu	esm-infra/focal	*
Linux-oracle-5.13	Ubuntu	focal	*
Linux-oracle-5.13	Ubuntu	upstream	*
Linux-oracle-5.15	Ubuntu	esm-infra/focal	*
Linux-oracle-5.15	Ubuntu	focal	*
Linux-oracle-5.15	Ubuntu	upstream	*
Linux-oracle-5.3	Ubuntu	bionic	*
Linux-oracle-5.3	Ubuntu	esm-infra/bionic	*
Linux-oracle-5.3	Ubuntu	upstream	*
Linux-oracle-5.4	Ubuntu	bionic	*
Linux-oracle-5.4	Ubuntu	esm-infra/bionic	*
Linux-oracle-5.4	Ubuntu	upstream	*
Linux-oracle-5.8	Ubuntu	esm-infra/focal	*
Linux-oracle-5.8	Ubuntu	focal	*
Linux-oracle-5.8	Ubuntu	upstream	*
Linux-oracle-6.14	Ubuntu	upstream	*
Linux-oracle-6.5	Ubuntu	jammy	*
Linux-oracle-6.5	Ubuntu	upstream	*
Linux-oracle-6.8	Ubuntu	upstream	*
Linux-raspi	Ubuntu	esm-infra/focal	*
Linux-raspi	Ubuntu	focal	*
Linux-raspi	Ubuntu	jammy	*
Linux-raspi	Ubuntu	upstream	*
Linux-raspi-5.4	Ubuntu	bionic	*
Linux-raspi-5.4	Ubuntu	esm-infra/bionic	*
Linux-raspi-5.4	Ubuntu	upstream	*
Linux-raspi-realtime	Ubuntu	noble	*
Linux-raspi-realtime	Ubuntu	upstream	*
Linux-raspi2	Ubuntu	bionic	*
Linux-raspi2	Ubuntu	esm-infra/focal	*
Linux-raspi2	Ubuntu	focal	*
Linux-raspi2	Ubuntu	upstream	*
Linux-raspi2	Ubuntu	xenial	*
Linux-realtime	Ubuntu	jammy	*
Linux-realtime	Ubuntu	noble	*
Linux-realtime	Ubuntu	realtime/jammy	*
Linux-realtime	Ubuntu	upstream	*
Linux-realtime-6.14	Ubuntu	upstream	*
Linux-realtime-6.8	Ubuntu	upstream	*
Linux-riscv	Ubuntu	esm-infra/focal	*
Linux-riscv	Ubuntu	focal	*
Linux-riscv	Ubuntu	jammy	*
Linux-riscv	Ubuntu	noble	*
Linux-riscv	Ubuntu	upstream	*
Linux-riscv-5.11	Ubuntu	esm-infra/focal	*
Linux-riscv-5.11	Ubuntu	focal	*
Linux-riscv-5.11	Ubuntu	upstream	*
Linux-riscv-5.15	Ubuntu	esm-infra/focal	*
Linux-riscv-5.15	Ubuntu	focal	*
Linux-riscv-5.15	Ubuntu	upstream	*
Linux-riscv-5.19	Ubuntu	jammy	*
Linux-riscv-5.19	Ubuntu	upstream	*
Linux-riscv-5.8	Ubuntu	esm-infra/focal	*
Linux-riscv-5.8	Ubuntu	focal	*
Linux-riscv-5.8	Ubuntu	upstream	*
Linux-riscv-6.14	Ubuntu	upstream	*
Linux-riscv-6.5	Ubuntu	jammy	*
Linux-riscv-6.5	Ubuntu	upstream	*
Linux-riscv-6.8	Ubuntu	upstream	*
Linux-starfive-5.19	Ubuntu	jammy	*
Linux-starfive-5.19	Ubuntu	upstream	*
Linux-starfive-6.2	Ubuntu	jammy	*
Linux-starfive-6.2	Ubuntu	upstream	*
Linux-starfive-6.5	Ubuntu	jammy	*
Linux-starfive-6.5	Ubuntu	upstream	*
Linux-xilinx	Ubuntu	upstream	*
Linux-xilinx-zynqmp	Ubuntu	esm-infra/focal	*
Linux-xilinx-zynqmp	Ubuntu	focal	*
Linux-xilinx-zynqmp	Ubuntu	jammy	*
Linux-xilinx-zynqmp	Ubuntu	upstream	*

Extended Description

A race condition occurs within concurrent environments, and it is effectively a property of a code sequence. Depending on the context, a code sequence may be in the form of a function call, a small number of instructions, a series of program invocations, etc. A race condition violates these properties, which are closely related:

A race condition exists when an “interfering code sequence” can still access the shared resource, violating exclusivity. The interfering code sequence could be “trusted” or “untrusted.” A trusted interfering code sequence occurs within the product; it cannot be modified by the attacker, and it can only be invoked indirectly. An untrusted interfering code sequence can be authored directly by the attacker, and typically it is external to the vulnerable product.

Potential Mitigations

Minimize the usage of shared resources in order to remove as much complexity as possible from the control flow and to reduce the likelihood of unexpected conditions occurring.
Additionally, this will minimize the amount of synchronization necessary and may even help to reduce the likelihood of a denial of service where an attacker may be able to repeatedly trigger a critical section (CWE-400).

NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-53478
CWE	https://cwe.mitre.org/data/definitions/362.html

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Weakness

Affected Software

Extended Description

Potential Mitigations

References

CVE-2023-53478

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Weakness

Affected Software

Extended Description

Potential Mitigations

Related Attack Patterns

References