CVE-2025-23138
Published Apr 16, 2025
Last updated 2 months ago
- Description
- In the Linux kernel, the following vulnerability has been resolved: watch_queue: fix pipe accounting mismatch Currently, watch_queue_set_size() modifies the pipe buffers charged to user->pipe_bufs without updating the pipe->nr_accounted on the pipe itself, due to the if (!pipe_has_watch_queue()) test in pipe_resize_ring(). This means that when the pipe is ultimately freed, we decrement user->pipe_bufs by something other than what than we had charged to it, potentially leading to an underflow. This in turn can cause subsequent too_many_pipe_buffers_soft() tests to fail with -EPERM. To remedy this, explicitly account for the pipe usage in watch_queue_set_size() to match the number set via account_pipe_buffers() (It's unclear why watch_queue_set_size() does not update nr_accounted; it may be due to intentional overprovisioning in watch_queue_set_size()?)
- Source
- 416baaa9-dc9f-4396-8d5f-8c081fb06d67
- NVD status
- Awaiting Analysis
- Hype score
- Not currently trending
Linux Kernelの脆弱性(CVE-2025-22018〜CVE-2025-23138) #security #vulnerability #セキュリティ #脆弱性 #linux #kernel https://t.co/YM6EVCF4kb
@omokazuki
20 Apr 2025
99 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-23138 In the Linux kernel, the following vulnerability has been resolved: watch_queue https://t.co/OCehkUIf0p
@VulmonFeeds
16 Apr 2025
63 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes