Bug 2396500 (CVE-2023-53421) - CVE-2023-53421 kernel: blk-cgroup: Reinit blkg_iostat_set after clearing in blkcg_reset_stats()
Summary: CVE-2023-53421 kernel: blk-cgroup: Reinit blkg_iostat_set after clearing in b...
Keywords:
Status: NEW
Alias: CVE-2023-53421
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2025-09-18 17:01 UTC by OSIDB Bzimport
Modified: 2025-09-18 19:44 UTC (History)
0 users

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments (Terms of Use)

Description OSIDB Bzimport 2025-09-18 17:01:49 UTC 
In the Linux kernel, the following vulnerability has been resolved:

blk-cgroup: Reinit blkg_iostat_set after clearing in blkcg_reset_stats()

When blkg_alloc() is called to allocate a blkcg_gq structure
with the associated blkg_iostat_set's, there are 2 fields within
blkg_iostat_set that requires proper initialization - blkg & sync.
The former field was introduced by commit 3b8cc6298724 ("blk-cgroup:
Optimize blkcg_rstat_flush()") while the later one was introduced by
commit f73316482977 ("blk-cgroup: reimplement basic IO stats using
cgroup rstat").

Unfortunately those fields in the blkg_iostat_set's are not properly
re-initialized when they are cleared in v1's blkcg_reset_stats(). This
can lead to a kernel panic due to NULL pointer access of the blkg
pointer. The missing initialization of sync is less problematic and
can be a problem in a debug kernel due to missing lockdep initialization.

Fix these problems by re-initializing them after memory clearing.
Comment 1 Keith Grant 2025-09-18 19:42:16 UTC 
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2025091855-CVE-2023-53421-0dd9@gregkh/T
Note You need to log in before you can comment on or make changes to this bug.