CVE-2023-53007 Information

Description

In the Linux kernel the following vulnerability has been resolved:

tracing: Make sure trace_printk() can output as soon as it can be used

Currently trace_printk() can be used as soon as early_trace_init() is called from start_kernel(). But if a crash happens and trace_dump_on_oops\ is set on the kernel command line all you get will be:

[ 0.456075] -0 0dN.2. 347519us : Unknown type 6 [ 0.456075] -0 0dN.2. 353141us : Unknown type 6 [ 0.456075] -0 0dN.2. 358684us : Unknown type 6

This is because the trace_printk() event (type 6) hasn’t been registered yet. That gets done via an early_initcall() which may be early but not early enough.

Instead of registering the trace_printk() event (and other ftrace events which are not trace events) via an early_initcall() have them registered at the same time that trace_printk() can be used. This way if there is a crash before early_initcall() then the trace_printk()s will actually be useful.

Reference

https://git.kernel.org/stable/c/198c83963f6335ca6d690cff067679560f2a3a22 https://git.kernel.org/stable/c/3bb06eb6e9acf7c4a3e1b5bc87aed398ff8e2253 https://git.kernel.org/stable/c/76b2390fdc80c0a8300e5da5b6b62d201b6fe9ce https://git.kernel.org/stable/c/b0af180514edea6c83dc9a299d9f383009c99f25 https://git.kernel.org/stable/c/b94d7c7654356860dd7719120c7d15ba38b6162a https://git.kernel.org/stable/c/de3930a4883ddad2244efd6d349013294c62c75c https://git.kernel.org/stable/c/f97eb0ab066133483a65c93eb894748de2f6b598