CVE-2023-52774
📋 TL;DR
A race condition vulnerability in the Linux kernel's s390/dasd driver allows concurrent access to the device queue during profiling operations. This can lead to kernel panics due to incorrect pointer accesses when parallel I/O operations occur, especially with alias devices enabled. Systems running affected Linux kernel versions on s390 architecture are impacted.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, potentially causing data corruption or loss.
Likely Case
System instability or crashes under heavy I/O load, particularly in environments with alias devices enabled.
If Mitigated
Minimal impact with proper kernel patching; systems without alias devices or heavy parallel I/O may not experience issues.
🎯 Exploit Status
Exploitation requires local access and ability to generate specific I/O patterns; no public exploits known.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions containing commits: 6062c527d0403cef27c54b91ac8390c3a497b250, 9372aab5d0ff621ea203c8c603e7e5f75e888240, c841de6247e94e07566d57163d3c0d8b29278f7a, db46cd1e0426f52999d50fa72cfa97fa39952885, dc96fde8fcb2b896fd6c64802a7f4ece2e69b0be
Vendor Advisory: https://git.kernel.org/stable/c/6062c527d0403cef27c54b91ac8390c3a497b250
Restart Required: Yes
Instructions:
1. Update Linux kernel to version containing the fix commits. 2. Check with your distribution vendor for specific patched kernel packages. 3. Reboot system after kernel update.
🔧 Temporary Workarounds
Disable alias devices
linuxReduce likelihood of triggering the race condition by disabling DASD alias devices.
echo 0 > /sys/bus/ccw/drivers/dasd-eckd/alias_device
Limit parallel I/O
linuxReduce concurrent I/O operations to minimize race condition triggers.
# Configure I/O scheduler limits or reduce workload concurrency
🧯 If You Can't Patch
- Monitor system logs for kernel panic indicators and implement rapid recovery procedures.
- Isolate affected s390 systems from critical workloads and implement redundancy.
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if running on s390 architecture: uname -r && uname -mCheck Version:
uname -rVerify Fix Applied:
Verify kernel version includes fix commits: git log --oneline | grep -E '6062c527d040|9372aab5d0ff|c841de6247e9|db46cd1e0426|dc96fde8fcb2'📡 Detection & Monitoring
Log Indicators:
- Kernel panic messages in /var/log/messages or dmesg
- OOPs (kernel crash) logs mentioning dasd_profile_start
Network Indicators:
- None - local kernel vulnerability
SIEM Query:
source="kernel" AND ("panic" OR "Oops") AND "dasd"🔗 References
- https://git.kernel.org/stable/c/6062c527d0403cef27c54b91ac8390c3a497b250
- https://git.kernel.org/stable/c/9372aab5d0ff621ea203c8c603e7e5f75e888240
- https://git.kernel.org/stable/c/c841de6247e94e07566d57163d3c0d8b29278f7a
- https://git.kernel.org/stable/c/db46cd1e0426f52999d50fa72cfa97fa39952885
- https://git.kernel.org/stable/c/dc96fde8fcb2b896fd6c64802a7f4ece2e69b0be
- https://git.kernel.org/stable/c/ebdc569a07a3e8dbe66b4184922ad6f88ac0b96f
- https://git.kernel.org/stable/c/f1ac7789406e2ca9ac51c41ad2daa597f47bdd4d
- https://git.kernel.org/stable/c/f75617cc8df4155374132f0b500b0b3ebb967458
- https://git.kernel.org/stable/c/6062c527d0403cef27c54b91ac8390c3a497b250
- https://git.kernel.org/stable/c/9372aab5d0ff621ea203c8c603e7e5f75e888240
- https://git.kernel.org/stable/c/c841de6247e94e07566d57163d3c0d8b29278f7a
- https://git.kernel.org/stable/c/db46cd1e0426f52999d50fa72cfa97fa39952885
- https://git.kernel.org/stable/c/dc96fde8fcb2b896fd6c64802a7f4ece2e69b0be
- https://git.kernel.org/stable/c/ebdc569a07a3e8dbe66b4184922ad6f88ac0b96f
- https://git.kernel.org/stable/c/f1ac7789406e2ca9ac51c41ad2daa597f47bdd4d
- https://git.kernel.org/stable/c/f75617cc8df4155374132f0b500b0b3ebb967458
