CVE-2023-52993

CVSS 3.1 Score 5.5 of 10 (medium)

Details

Published: Mar 27, 2025
Updated: Apr 15, 2025
CWE ID 476

Summary

CVE-2023-52993 is a vulnerability affecting the Linux kernel. It was reported that under certain conditions, a crash could cause the subsequent crash-kernel to fail to boot approximately half of the time. This occurs due to a NULL pointer dereference in the periodic tick code, triggered by a resend of the legacy timer interrupt (IRQ0). The resend happens because a spurious APIC interrupt on the IRQ0 vector is captured and then replayed in software once the legacy timer interrupt is enabled. However, legacy PIC interrupts are level-triggered and should never be resent in software. The issue arises because nothing sets the IRQ_LEVEL flag on those interrupts, so the core code is unaware of their trigger type and treats them as edge-triggered. To mitigate this vulnerability, ensure that IRQ_LEVEL is set when setting up legacy PIC interrupts.
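The mechanism in the summary, reduced to a user-space model as an added example (this is not kernel code and not part of the CVE record): a small interrupt descriptor, the "spurious interrupt captured while the line is disabled" step, and the resend decision that the generic IRQ core makes when the line is later enabled. The decision rule is the one the summary describes, level-type interrupts are never replayed in software, so the same scenario is run twice, once with the legacy IRQ0 line set up without a trigger type (the vulnerable state) and once with IRQ_LEVEL set (the fix). All struct fields, function names and the `-1` return value are this model's own assumptions, not the kernel's API.

```c
/* Added example: a user-space model of the software IRQ resend decision.
 * Not kernel code; names and structures are this model's own assumptions. */
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

#define NR_LEGACY_IRQS 16
#define IRQ_LEVEL      (1u << 0)  /* trigger type: level, hardware re-asserts while active */
#define IRQS_PENDING   (1u << 1)  /* an interrupt arrived that could not be handled yet */

struct irq_desc {
    unsigned int irq;
    unsigned int flags;      /* IRQ_LEVEL lives here in the model */
    unsigned int istate;     /* IRQS_PENDING */
    bool enabled;
    int resend_count;        /* times the software resend path replayed this line */
    int handler_calls;
};

static struct irq_desc descs[NR_LEGACY_IRQS];

/* Vulnerable setup: handler installed, but no trigger type recorded (the bug). */
static void init_legacy_irqs_vulnerable(void)
{
    memset(descs, 0, sizeof descs);
    for (unsigned int i = 0; i < NR_LEGACY_IRQS; i++) {
        descs[i].irq = i;
        descs[i].enabled = false;   /* lines start disabled until a driver enables them */
    }
}

/* Fixed setup: every legacy PIC line is marked level-triggered. */
static void init_legacy_irqs_fixed(void)
{
    init_legacy_irqs_vulnerable();
    for (unsigned int i = 0; i < NR_LEGACY_IRQS; i++)
        descs[i].flags |= IRQ_LEVEL;
}

/* A spurious APIC interrupt arrives on the vector. If the line is still
 * disabled the core cannot run the handler, so it only records it as pending. */
static void deliver_spurious(struct irq_desc *d)
{
    if (!d->enabled)
        d->istate |= IRQS_PENDING;
    else
        d->handler_calls++;
}

/* Resend decision. Level-type interrupts are never replayed in software,
 * because the hardware re-asserts them while they are active; the stale
 * pending bit is simply cleared. Only edge-type pending interrupts get
 * replayed, which for IRQ0 is the path into the tick code the CVE describes. */
static int check_irq_resend_model(struct irq_desc *d)
{
    if (d->flags & IRQ_LEVEL) {
        d->istate &= ~IRQS_PENDING;
        return -1;               /* "not resendable" in this model */
    }
    if (!(d->istate & IRQS_PENDING))
        return 0;
    d->istate &= ~IRQS_PENDING;
    d->resend_count++;
    d->handler_calls++;          /* the replayed tick handler ran here */
    return 0;
}

/* Enabling a line runs the resend check on whatever is pending. */
static void enable_irq_model(struct irq_desc *d)
{
    d->enabled = true;
    check_irq_resend_model(d);
}

/* Replays the crash-kernel boot sequence on IRQ0 and returns the number of
 * software resends: 0 means the stale interrupt was dropped, 1 means it was
 * replayed into the tick code. */
int simulate_irq0_boot(bool with_fix)
{
    if (with_fix)
        init_legacy_irqs_fixed();
    else
        init_legacy_irqs_vulnerable();

    struct irq_desc *irq0 = &descs[0];
    deliver_spurious(irq0);      /* stale APIC state left over from the crashed kernel */
    enable_irq_model(irq0);      /* timer setup enables the legacy timer line */
    return irq0->resend_count;
}

int main(void)
{
    printf("without IRQ_LEVEL: %d software resend(s)\n", simulate_irq0_boot(false));
    printf("with    IRQ_LEVEL: %d software resend(s)\n", simulate_irq0_boot(true));
    return 0;
}
```

The point the model makes visible is that the fix does not touch the resend logic at all: it only gives the core code the trigger type it was missing, after which the existing "never resend level-type interrupts" rule discards the spurious pending state instead of replaying it.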

