CVE-2023-52932: mm/swapfile: add cond_resched() in get_swap_pages()
First published: Thu Mar 27 2025(Updated: )
In the Linux kernel, the following vulnerability has been resolved: mm/swapfile: add cond_resched() in get_swap_pages() The softlockup still occurs in get_swap_pages() under memory pressure. 64 CPU cores, 64GB memory, and 28 zram devices, the disksize of each zram device is 50MB with same priority as si. Use the stress-ng tool to increase memory pressure, causing the system to oom frequently. The plist_for_each_entry_safe() loops in get_swap_pages() could reach tens of thousands of times to find available space (extreme case: cond_resched() is not called in scan_swap_map_slots()). Let's add cond_resched() into get_swap_pages() when failed to find available space to avoid softlockup.
Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Linux Kernel | ||
| Linux Kernel | <4.14.306 | |
| Linux Kernel | >=4.15<4.19.273 | |
| Linux Kernel | >=4.20<5.4.232 | |
| Linux Kernel | >=5.5<5.10.168 | |
| Linux Kernel | >=5.11<5.15.93 | |
| Linux Kernel | >=5.16<6.1.11 | |
| Linux Kernel | =6.2-rc1 | |
| Linux Kernel | =6.2-rc2 | |
| Linux Kernel | =6.2-rc3 | |
| Linux Kernel | =6.2-rc4 | |
| Linux Kernel | =6.2-rc5 | |
| Linux Kernel | =6.2-rc6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://git.kernel.org/stable/c/29f0349c5c76b627fe06b87d4b13fa03a6ce8e64
- https://git.kernel.org/stable/c/387217b97e99699c34e6d95ce2b91b327fcd853e
- https://git.kernel.org/stable/c/d49c85a1913385eed46dd16a25ad0928253767f0
- https://git.kernel.org/stable/c/30187be29052bba9203b0ae2bdd815e0bc2faaab
- https://git.kernel.org/stable/c/5dbe1ebd56470d03b78fc31491a9e4d433106ef2
- https://git.kernel.org/stable/c/49178d4d61e78aed8c837dfeea8a450700f196e2
- https://git.kernel.org/stable/c/7717fc1a12f88701573f9ed897cc4f6699c661e3
Frequently Asked Questions
What is the severity of CVE-2023-52932?
CVE-2023-52932 has a severity rating that indicates its potential impact on system performance under certain conditions.
How do I fix CVE-2023-52932?
To mitigate CVE-2023-52932, apply the patches provided in the updated versions of the Linux kernel.
Which versions of the Linux kernel are affected by CVE-2023-52932?
CVE-2023-52932 affects multiple versions of the Linux kernel, particularly those before 6.2-rc1.
What operational issues does CVE-2023-52932 cause?
CVE-2023-52932 can lead to softlockup situations in the get_swap_pages function during high memory pressure.
Is there a workaround for CVE-2023-52932?
Currently, the recommended approach for CVE-2023-52932 is to update to a patched version of the Linux kernel, as no specific workaround is provided.
- collector/mitre-cve
- source/MITRE
- agent/first-publish-date
- agent/references
- agent/type
- agent/description
- agent/title
- agent/author
- agent/guess-ai
- agent/software-canonical-lookup
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/remedy
- agent/weakness
- agent/severity
- agent/softwarecombine
- agent/event
- collector/epss-latest
- source/FIRST
- agent/source
- agent/tags
- agent/epss
- vendor/linux
- canonical/linux kernel
- version/linux kernel/4.15
- version/linux kernel/4.20
- version/linux kernel/5.5
- version/linux kernel/5.11
- version/linux kernel/5.16
- version/linux kernel/6.2-rc1
- version/linux kernel/6.2-rc2
- version/linux kernel/6.2-rc3
- version/linux kernel/6.2-rc4
- version/linux kernel/6.2-rc5
- version/linux kernel/6.2-rc6