Description
In the Linux kernel, the following vulnerability has been resolved: fs/eventpoll: fix endless busy loop after timeout has expired After commit 0a65bc27bd64 ("eventpoll: Set epoll timeout if it's in the future"), the following program would immediately enter a busy loop in the kernel: ``` int main() { int e = epoll_create1(0); struct epoll_event event = {.events = EPOLLIN}; epoll_ctl(e, EPOLL_CTL_ADD, 0, &event); const struct timespec timeout = {.tv_nsec = 1}; epoll_pwait2(e, &event, 1, &timeout, 0); } ``` This happens because the given (non-zero) timeout of 1 nanosecond usually expires before ep_poll() is entered and then ep_schedule_timeout() returns false, but `timed_out` is never set because the code line that sets it is skipped. This quickly turns into a soft lockup, RCU stalls and deadlocks, inflicting severe headaches to the whole system. When the timeout has expired, we don't need to schedule a hrtimer, but we should set the `timed_out` variable. Therefore, I suggest moving the ep_schedule_timeout() check into the `timed_out` expression instead of skipping it. brauner: Note that there was an earlier fix by Joe Damato in response to my bug report in [1].
Details
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Affected Packages
| Software | From version | Fixed in |
|---|---|---|
| linux-allwinner-5.19 | — | — |
| linux-aws-5.0 | — | — |
| linux-aws-5.11 | — | — |
| linux-aws-5.13 | — | — |
| linux-aws-5.19 | — | — |
| linux-aws-5.3 | — | — |
| linux-aws-5.8 | — | — |
| linux-aws-6.2 | — | — |
| linux-aws-6.5 | — | — |
| linux-azure | — | — |
| linux-azure-5.11 | — | — |
| linux-azure-5.13 | — | — |
| linux-azure-5.19 | — | — |
| linux-azure-5.3 | — | — |
| linux-azure-5.8 | — | — |
| linux-azure-6.2 | — | — |
| linux-azure-6.5 | — | — |
| linux-azure-edge | — | — |
| linux-azure-fde | — | — |
| linux-azure-fde-5.19 | — | — |
| linux-azure-fde-6.2 | — | — |
| linux-gcp | — | — |
| linux-gcp-5.11 | — | — |
| linux-gcp-5.13 | — | — |
| linux-gcp-5.19 | — | — |
| linux-gcp-5.3 | — | — |
| linux-gcp-5.8 | — | — |
| linux-gcp-6.14 | — | 6.14.0-1011.11~24.04.1 |
| linux-gcp-6.2 | — | — |
| linux-gcp-6.5 | — | — |
| linux-gke | — | — |
| linux-gke-4.15 | — | — |
| linux-gke-5.15 | — | — |
| linux-gke-5.4 | — | — |
| linux-gkeop | — | — |
| linux-gkeop-5.15 | — | — |
| linux-gkeop-5.4 | — | — |
| linux-hwe | — | — |
| linux-hwe-5.11 | — | — |
| linux-hwe-5.13 | — | — |
| linux-hwe-5.19 | — | — |
| linux-hwe-5.8 | — | — |
| linux-hwe-6.2 | — | — |
| linux-hwe-6.5 | — | — |
| linux-hwe-edge | — | — |
| linux-intel-5.13 | — | — |
| linux-intel-iot-realtime | — | — |
| linux-lowlatency-hwe-5.19 | — | — |
| linux-lowlatency-hwe-6.2 | — | — |
| linux-lowlatency-hwe-6.5 | — | — |
| linux-nvidia-6.2 | — | — |
| linux-nvidia-6.5 | — | — |
| linux-oem | — | — |
| linux-oem-5.10 | — | — |
| linux-oem-5.13 | — | — |
| linux-oem-5.14 | — | — |
| linux-oem-5.17 | — | — |
| linux-oem-5.6 | — | — |
| linux-oem-6.0 | — | — |
| linux-oem-6.1 | — | — |
| linux-oem-6.5 | — | — |
| linux-oracle-5.0 | — | — |
| linux-oracle-5.11 | — | — |
| linux-oracle-5.13 | — | — |
| linux-oracle-5.3 | — | — |
| linux-oracle-5.8 | — | — |
| linux-oracle-6.5 | — | — |
| linux-raspi-realtime | — | — |
| linux-raspi2 | — | — |
| linux-realtime | — | — |
| linux-realtime-6.14 | — | 6.14.0-1010.10~24.04.1 |
| linux-riscv | — | — |
| linux-riscv-5.11 | — | — |
| linux-riscv-5.19 | — | — |
| linux-riscv-5.8 | — | — |
| linux-riscv-6.5 | — | — |
| linux-starfive-5.19 | — | — |
| linux-starfive-6.2 | — | — |
| linux-starfive-6.5 | — | — |
References
Similar Threats
- Unknown UBUNTU-CVE-2016-20022
- Unknown UBUNTU-CVE-2020-36778
- Unknown UBUNTU-CVE-2020-36779
- Unknown UBUNTU-CVE-2020-36780
- Unknown UBUNTU-CVE-2020-36781
Free Vulnerability Check
Is your WordPress site affected?
BotEraser helps you identify potentially vulnerable plugins and themes by checking your installation against known CVE records.
Scan My Site Free →No credit card required · Results in minutes
ⓘ Data Notice: The information presented above has been compiled from publicly available internet sources. Boteraser aggregates this data solely for informational purposes and does not independently classify, evaluate, or endorse any findings about the vulnerabilities listed. The accuracy and completeness of this information is the sole responsibility of the original publishers. Boteraser and its operators accept no liability for any decisions made based on this data.