CVE-2023-52775
📋 TL;DR
A race condition in the Linux kernel's SMC-R (Shared Memory Communications over RDMA) implementation causes data corruption when applications receive SMC protocol decline messages instead of expected application data. This affects systems running Redis or other applications using SMC-R networking with vulnerable Linux kernel versions.
💻 Affected Systems
- Linux Kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Data corruption leading to application crashes, data loss, or service disruption in Redis or other SMC-R applications.
Likely Case
Application errors and data corruption in Redis benchmarks and similar network-intensive applications using SMC-R.
If Mitigated
Minor performance degradation with proper timeout configuration.
🎯 Exploit Status
Exploitation requires specific timing conditions and SMC-R usage. Discovered during Redis benchmark testing, not through malicious exploitation.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patches available in stable kernel branches via provided git commits
Vendor Advisory: https://git.kernel.org/stable/c/5ada292b5c504720a0acef8cae9acc62a694d19c
Restart Required: Yes
Instructions:
1. Apply kernel patches from provided git commits
2. Recompile kernel if using custom build
3. Reboot system to load patched kernel
4. For distribution kernels, update to latest patched version
🔧 Temporary Workarounds
Disable SMC-R
linuxDisable SMC-R networking to avoid the vulnerability
echo 0 > /proc/sys/net/smc/smc_r_enabled
Use TCP fallback only
linuxConfigure applications to use TCP instead of SMC-R
🧯 If You Can't Patch
- Disable SMC-R networking on affected systems
- Use TCP networking for Redis and other affected applications instead of SMC-R
🔍 How to Verify
Check if Vulnerable:
Check if SMC-R is enabled and kernel version is unpatched: cat /proc/sys/net/smc/smc_r_enabled && uname -rCheck Version:
uname -rVerify Fix Applied:
Verify kernel version includes patches and test Redis/SMC-R applications for data corruption📡 Detection & Monitoring
Log Indicators:
- Redis protocol errors mentioning '\xe2' as reply type byte
- Application errors indicating data corruption
Network Indicators:
- SMC DECLINE messages in network traffic
- Unexpected SMC protocol messages in application data streams
SIEM Query:
Search for Redis error logs containing 'Protocol error, got "\\xe2" as reply type byte' or similar corruption indicators🔗 References
- https://git.kernel.org/stable/c/5ada292b5c504720a0acef8cae9acc62a694d19c
- https://git.kernel.org/stable/c/7234d2b5dffa5af77fd4e0deaebab509e130c6b1
- https://git.kernel.org/stable/c/90072af9efe8c7bd7d086709014ddd44cebd5e7c
- https://git.kernel.org/stable/c/94a0ae698b4d5d5bb598e23228002a1491c50add
- https://git.kernel.org/stable/c/e6d71b437abc2f249e3b6a1ae1a7228e09c6e563
- https://git.kernel.org/stable/c/5ada292b5c504720a0acef8cae9acc62a694d19c
- https://git.kernel.org/stable/c/7234d2b5dffa5af77fd4e0deaebab509e130c6b1
- https://git.kernel.org/stable/c/90072af9efe8c7bd7d086709014ddd44cebd5e7c
- https://git.kernel.org/stable/c/94a0ae698b4d5d5bb598e23228002a1491c50add
- https://git.kernel.org/stable/c/e6d71b437abc2f249e3b6a1ae1a7228e09c6e563
