Re: CVE-2024-53054: cgroup/bpf: use a dedicated workqueue for cgroup bpf destruction

From: Michal Koutný
Date: Wed Nov 27 2024 - 12:38:07 EST

Next message: Thomas Gleixner: "Re: [PATCH] ntp: fix bug in adjtimex reading time offset"
Previous message: Andrew Lunn: "Re: [PATCH] PHY: Fix no autoneg corner case"
Next in thread: Greg KH: "Re: CVE-2024-53054: cgroup/bpf: use a dedicated workqueue for cgroup bpf destruction"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello.

On Sun, Sep 16, 2001 at 10:00:00PM GMT, Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx> wrote:
> This issue can be reproduced by the following pressuse test:
> 1. A large number of cpuset cgroups are deleted.
> 2. Set cpu on and off repeatly.
> 3. Set watchdog_thresh repeatly.

The lockup is triggered in this very specific stress testing scenario.
CPU offlining (write holding of cpu_hotplug_lock) is necessary to cause
_this_ lockup. Both 2 and 3 are privileged operations (in a tight loop
to hit the window).

I don't think this qualifies as vulnerability.

Michal

Attachment: signature.asc
Description: PGP signature

Next message: Thomas Gleixner: "Re: [PATCH] ntp: fix bug in adjtimex reading time offset"
Previous message: Andrew Lunn: "Re: [PATCH] PHY: Fix no autoneg corner case"
Next in thread: Greg KH: "Re: CVE-2024-53054: cgroup/bpf: use a dedicated workqueue for cgroup bpf destruction"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]