Description
In the Linux kernel, the following vulnerability has been resolved:

tracing: Fix warning in trace_buffered_event_disable()

Warning happened in trace_buffered_event_disable() at WARN_ON_ONCE(!trace_buffered_event_ref)

```
Call Trace:
 ? __warn+0xa5/0x1b0
 ? trace_buffered_event_disable+0x189/0x1b0
 __ftrace_event_enable_disable+0x19e/0x3e0
 free_probe_data+0x3b/0xa0
 unregister_ftrace_function_probe_func+0x6b8/0x800
 event_enable_func+0x2f0/0x3d0
 ftrace_process_regex.isra.0+0x12d/0x1b0
 ftrace_filter_write+0xe6/0x140
 vfs_write+0x1c9/0x6f0
 [...]
```

The cause of the warning is in __ftrace_event_enable_disable(): trace_buffered_event_enable() was called once while trace_buffered_event_disable() was called twice. The reproduction script is shown below; for analysis, see the comments:

```
#!/bin/bash

cd /sys/kernel/tracing/

# 1. Register a 'disable_event' command, then:
#    1) SOFT_DISABLED_BIT was set;
#    2) trace_buffered_event_enable() was called first time;
echo 'cmdline_proc_show:disable_event:initcall:initcall_finish' > \
    set_ftrace_filter

# 2. Enable the event registered, then:
#    1) SOFT_DISABLED_BIT was cleared;
#    2) trace_buffered_event_disable() was called first time;
echo 1 > events/initcall/initcall_finish/enable

# 3. Try to call into cmdline_proc_show(), then SOFT_DISABLED_BIT was
#    set again!!!
cat /proc/cmdline

# 4. Unregister the 'disable_event' command, then:
#    1) SOFT_DISABLED_BIT was cleared again;
#    2) trace_buffered_event_disable() was called second time!!!
echo '!cmdline_proc_show:disable_event:initcall:initcall_finish' > \
    set_ftrace_filter
```

To fix it, IIUC, we can change to call trace_buffered_event_enable() the first time soft-mode is enabled, and call trace_buffered_event_disable() the last time soft-mode is disabled.
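The imbalance described above can be replayed in a small userspace model. This is an added example, not kernel code and not part of the original commit: the struct, the `sm_users` counter and all function names are hypothetical stand-ins, and the model assumes only what the description states (which steps change SOFT_DISABLED_BIT and which ones call enable or disable).

```c
#include <stdbool.h>
#include <stdio.h>

/* Simplified userspace model (an assumption for illustration), not kernel code. */
struct model {
    bool fixed;          /* false: pre-fix pairing, true: pairing from the fix */
    bool soft_disabled;  /* stands in for SOFT_DISABLED_BIT */
    int  sm_users;       /* hypothetical count of soft-mode users of the event */
    int  buffered_ref;   /* stands in for trace_buffered_event_ref */
    bool warned;         /* WARN_ON_ONCE(!trace_buffered_event_ref) fired */
};

static void buffered_enable(struct model *m) { m->buffered_ref++; }
static void buffered_disable(struct model *m)
{
    if (m->buffered_ref == 0) { m->warned = true; return; }
    m->buffered_ref--;
}

/* Bit change on the enable/disable path. Pre-fix, every flip is paired with
 * a buffered-event enable (bit set) or disable (bit cleared). */
static void change_bit(struct model *m, bool value)
{
    bool flipped = (m->soft_disabled != value);
    m->soft_disabled = value;
    if (!m->fixed && flipped) {
        if (value) buffered_enable(m); else buffered_disable(m);
    }
}

static void register_probe(struct model *m)     /* step 1 */
{
    if (m->sm_users++ == 0 && m->fixed) buffered_enable(m);   /* first soft-mode user */
    change_bit(m, true);
}
static void enable_event(struct model *m) { change_bit(m, false); }     /* step 2 */
/* Step 3: the bit is set again, but no enable call accompanies it. */
static void probe_fires(struct model *m) { m->soft_disabled = true; }
static void unregister_probe(struct model *m)   /* step 4 */
{
    change_bit(m, false);
    if (--m->sm_users == 0 && m->fixed) buffered_disable(m);  /* last soft-mode user */
}

struct model replay(bool fixed)
{
    struct model m = { .fixed = fixed };
    register_probe(&m); enable_event(&m); probe_fires(&m); unregister_probe(&m);
    return m;
}

int main(void)
{
    printf("pre-fix warned=%d, fixed warned=%d\n", replay(false).warned, replay(true).warned);
    return 0;
}
```

With the pre-fix pairing the second disable arrives at a zero reference count and trips the warning; tying enable and disable to the first and last soft-mode user keeps the count balanced across the same four steps.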
Product status
4.7
Any version before 4.7
4.14.322 (semver)
4.19.291 (semver)
5.4.253 (semver)
5.10.190 (semver)
5.15.124 (semver)
6.1.43 (semver)
6.4.8 (semver)
6.5 (original_commit_for_fix)
Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.