{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2023-52831","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2024-05-21T15:19:24.251Z","datePublished":"2024-05-21T15:31:33.566Z","dateUpdated":"2026-01-05T10:17:42.537Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-01-05T10:17:42.537Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ncpu/hotplug: Don't offline the last non-isolated CPU\n\nIf a system has isolated CPUs via the \"isolcpus=\" command line parameter,\nthen an attempt to offline the last housekeeping CPU will result in a\nWARN_ON() when rebuilding the scheduler domains and a subsequent panic due\nto and unhandled empty CPU mas in partition_sched_domains_locked().\n\ncpuset_hotplug_workfn()\n  rebuild_sched_domains_locked()\n    ndoms = generate_sched_domains(&doms, &attr);\n      cpumask_and(doms[0], top_cpuset.effective_cpus, housekeeping_cpumask(HK_FLAG_DOMAIN));\n\nThus results in an empty CPU mask which triggers the warning and then the\nsubsequent crash:\n\nWARNING: CPU: 4 PID: 80 at kernel/sched/topology.c:2366 build_sched_domains+0x120c/0x1408\nCall trace:\n build_sched_domains+0x120c/0x1408\n partition_sched_domains_locked+0x234/0x880\n rebuild_sched_domains_locked+0x37c/0x798\n rebuild_sched_domains+0x30/0x58\n cpuset_hotplug_workfn+0x2a8/0x930\n\nUnable to handle kernel paging request at virtual address fffe80027ab37080\n partition_sched_domains_locked+0x318/0x880\n rebuild_sched_domains_locked+0x37c/0x798\n\nAside of the resulting crash, it does not make any sense to offline the last\nlast housekeeping CPU.\n\nPrevent this by masking out the non-housekeeping CPUs when selecting a\ntarget CPU for initiating the CPU unplug operation via the work queue."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["kernel/cpu.c"],"versions":[{"version":"fea9dd8653ff39ce383c54e747bde4c39289b4ad","lessThan":"3410b702354702b500bde10e3cc1f9db8731d908","status":"affected","versionType":"git"},{"version":"07f9e0c9987bf1c4ef57611ad2f789ba68978102","lessThan":"335a47ed71e332c82339d1aec0c7f6caccfcda13","status":"affected","versionType":"git"},{"version":"2b8272ff4a70b866106ae13c36be7ecbef5d5da2","lessThan":"3073f6df783d9d75f7f69f73e16c7ef85d6cfb63","status":"affected","versionType":"git"},{"version":"2b8272ff4a70b866106ae13c36be7ecbef5d5da2","lessThan":"38685e2a0476127db766f81b1c06019ddc4c9ffa","status":"affected","versionType":"git"},{"version":"9734e4c0c470258c32b6aa5ea7ef8a86506c0909","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["kernel/cpu.c"],"versions":[{"version":"6.6","status":"affected"},{"version":"0","lessThan":"6.6","status":"unaffected","versionType":"semver"},{"version":"6.1.64","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.5.13","lessThanOrEqual":"6.5.*","status":"unaffected","versionType":"semver"},{"version":"6.6.3","lessThanOrEqual":"6.6.*","status":"unaffected","versionType":"semver"},{"version":"6.7","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.1.53","versionEndExcluding":"6.1.64"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.5.3","versionEndExcluding":"6.5.13"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6","versionEndExcluding":"6.6.3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.6","versionEndExcluding":"6.7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.4.16"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/3410b702354702b500bde10e3cc1f9db8731d908"},{"url":"https://git.kernel.org/stable/c/335a47ed71e332c82339d1aec0c7f6caccfcda13"},{"url":"https://git.kernel.org/stable/c/3073f6df783d9d75f7f69f73e16c7ef85d6cfb63"},{"url":"https://git.kernel.org/stable/c/38685e2a0476127db766f81b1c06019ddc4c9ffa"}],"title":"cpu/hotplug: Don't offline the last non-isolated CPU","x_generator":{"engine":"bippy-1.2.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2024-05-22T19:07:45.620666Z","id":"CVE-2023-52831","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2024-07-24T20:44:55.485Z"}},{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-02T23:11:36.073Z"},"title":"CVE Program Container","references":[{"url":"https://git.kernel.org/stable/c/3410b702354702b500bde10e3cc1f9db8731d908","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/335a47ed71e332c82339d1aec0c7f6caccfcda13","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/3073f6df783d9d75f7f69f73e16c7ef85d6cfb63","tags":["x_transferred"]},{"url":"https://git.kernel.org/stable/c/38685e2a0476127db766f81b1c06019ddc4c9ffa","tags":["x_transferred"]}]}]}}