CVE-2023-53070: Vulnerability in Linux Linux
In the Linux kernel, the following vulnerability has been resolved:

ACPI: PPTT: Fix to avoid sleep in the atomic context when PPTT is absent

Commit 0c80f9e165f8 ("ACPI: PPTT: Leave the table mapped for the runtime usage") enabled to map PPTT once on the first invocation of acpi_get_pptt() and never unmapped the same allowing it to be used at runtime without the hassle of mapping and unmapping the table. This was needed to fetch LLC information from the PPTT in the cpuhotplug path which is executed in the atomic context as the acpi_get_table() might sleep waiting for a mutex.

However it missed to handle the case when there is no PPTT on the system which results in acpi_get_pptt() being called from all the secondary CPUs attempting to fetch the LLC information in the atomic context without knowing the absence of PPTT resulting in the splat like below:

| BUG: sleeping function called from invalid context at kernel/locking/semaphore.c:164
| in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 0, name: swapper/1
| preempt_count: 1, expected: 0
| RCU nest depth: 0, expected: 0
| no locks held by swapper/1/0.
| irq event stamp: 0
| hardirqs last enabled at (0): 0x0
| hardirqs last disabled at (0): copy_process+0x61c/0x1b40
| softirqs last enabled at (0): copy_process+0x61c/0x1b40
| softirqs last disabled at (0): 0x0
| CPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.3.0-rc1 #1
| Call trace:
|  dump_backtrace+0xac/0x138
|  show_stack+0x30/0x48
|  dump_stack_lvl+0x60/0xb0
|  dump_stack+0x18/0x28
|  __might_resched+0x160/0x270
|  __might_sleep+0x58/0xb0
|  down_timeout+0x34/0x98
|  acpi_os_wait_semaphore+0x7c/0xc0
|  acpi_ut_acquire_mutex+0x58/0x108
|  acpi_get_table+0x40/0xe8
|  acpi_get_pptt+0x48/0xa0
|  acpi_get_cache_info+0x38/0x140
|  init_cache_level+0xf4/0x118
|  detect_cache_attributes+0x2e4/0x640
|  update_siblings_masks+0x3c/0x330
|  store_cpu_topology+0x88/0xf0
|  secondary_start_kernel+0xd0/0x168
|  __secondary_switched+0xb8/0xc0

Update acpi_get_pptt() to consider the fact that PPTT is once checked and is not available on the system and return NULL avoiding any attempts to fetch PPTT and thereby avoiding any possible sleep waiting for a mutex in the atomic context.
AI Analysis
Technical Summary
CVE-2023-53070 is a vulnerability in the Linux kernel related to the Advanced Configuration and Power Interface (ACPI) subsystem, specifically the handling of the Processor Properties Topology Table (PPTT). The PPTT is used to provide information about processor cache topology, such as last-level cache (LLC) details, which the kernel fetches during CPU initialization and hotplug operations. The vulnerability arises from improper handling of the case when the PPTT is absent on a system. A recent kernel commit (0c80f9e165f8) optimized PPTT handling by mapping the table once and leaving it mapped for runtime usage to avoid repeated mapping/unmapping and potential sleeping in atomic contexts. However, this commit failed to account for systems without a PPTT, causing the function acpi_get_pptt() to be called by secondary CPUs in atomic context, attempting to fetch LLC information. Since acpi_get_table() may sleep waiting for a mutex, this leads to a BUG triggered by a sleeping function call in an invalid atomic context. The kernel stack trace shows that this results in a kernel panic or crash (splat), disrupting system operation. The fix involves updating acpi_get_pptt() to recognize when PPTT is absent and return NULL immediately, preventing any attempts to fetch the PPTT and avoiding sleeping in atomic context. This vulnerability affects Linux kernel versions containing the specified commits and can cause system instability or crashes on affected systems without PPTT tables during CPU initialization or hotplug events.
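The caching gap described above, as an added userspace model (not kernel code and not from the original page): every identifier is hypothetical, and a counter stands in for the sleeping lookup being reached from atomic context.

```c
#include <stdbool.h>
#include <stdio.h>
/* Userspace model; all names are hypothetical, none is a kernel symbol. */
struct cache { const char *tbl; bool checked; };
static const char blob[] = "PPTT";
static bool has_pptt, in_atomic; /* table exists; caller is a secondary CPU */
static int atomic_sleeps;        /* sleeping lookups made from atomic context */

/* Stands in for a table lookup that may sleep waiting for a mutex. */
static const char *lookup_may_sleep(void)
{
    if (in_atomic)
        atomic_sleeps++;         /* where the kernel would print the splat */
    return has_pptt ? blob : NULL;
}

/* Before: only success is cached, so an absent table is looked up again. */
static const char *get_before(struct cache *c)
{
    if (!c->tbl)
        c->tbl = lookup_may_sleep();
    return c->tbl;
}

/* After: record that the lookup ran once, whatever it returned. */
static const char *get_after(struct cache *c)
{
    if (!c->tbl && !c->checked) {
        c->tbl = lookup_may_sleep();
        c->checked = true;
    }
    return c->tbl;
}

/* Boot CPU calls once in process context, then n secondaries call atomically. */
static int bringup(const char *(*get)(struct cache *), bool present, int n)
{
    struct cache c = { NULL, false };
    has_pptt = present; atomic_sleeps = 0; in_atomic = false;
    get(&c);
    in_atomic = true;
    while (n-- > 0)
        get(&c);
    return atomic_sleeps;
}
int main(void)
{
    printf("%d -> %d\n", bringup(get_before, false, 3), bringup(get_after, false, 3));
    return 0;
}
```

With the table present both variants behave the same; they differ only when the first lookup returns nothing.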
Potential Impact
For European organizations relying on Linux-based systems, particularly servers and infrastructure running kernels affected by this vulnerability, the impact includes potential system crashes or kernel panics during CPU initialization or hotplug operations. This can lead to denial of service (DoS) conditions, affecting availability of critical services. Systems without PPTT tables are specifically vulnerable, which may include certain hardware configurations common in data centers or enterprise environments. The disruption caused by kernel panics can result in downtime, loss of productivity, and potential cascading failures in clustered or virtualized environments. While this vulnerability does not directly expose confidentiality or integrity risks, the availability impact can be significant for organizations with high uptime requirements. Additionally, recovery from kernel panics may require manual intervention, increasing operational overhead. Since exploitation does not require user interaction but occurs during kernel operations, attackers with local access or malicious code execution capabilities could trigger the crash intentionally to disrupt services.
Mitigation Recommendations
European organizations should ensure that all Linux systems are updated to kernel versions that include the fix for CVE-2023-53070. Specifically, they should apply patches that update acpi_get_pptt() to handle the absence of PPTT correctly. System administrators should audit their hardware configurations to identify systems lacking PPTT tables and prioritize patching those systems. For environments using custom or long-term support kernels, backporting the fix is recommended. Additionally, monitoring kernel logs for BUG messages related to ACPI or PPTT can help detect attempts to trigger this issue. In virtualized or cloud environments, ensure hypervisor and guest kernel compatibility to avoid triggering the vulnerability during CPU hotplug events. Implementing automated kernel update mechanisms and testing patches in staging environments before production deployment will reduce downtime risks. Finally, consider restricting local access and hardening systems to prevent unauthorized code execution that could exploit this vulnerability to cause denial of service.
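For the log-monitoring recommendation, an added example (not from the original page) that counts "sleeping function called from invalid context" splats whose call trace passes through acpi_get_pptt(). The first sample splat is abridged from the trace quoted on this page; the second is constructed, and the function name is an assumption.

```c
#include <stdio.h>
#include <string.h>

#define BUG_MARK "BUG: sleeping function called from invalid context"

/* Count splats whose trace passes through acpi_get_pptt(). A splat opens at
 * BUG_MARK and stays open until the next BUG_MARK or the end of the log. */
static int count_pptt_splats(const char *log)
{
    int hits = 0, open = 0;
    while (*log) {
        size_t len = strcspn(log, "\n");
        char line[256];
        size_t n = len < sizeof(line) - 1 ? len : sizeof(line) - 1;
        memcpy(line, log, n);
        line[n] = '\0';
        if (strstr(line, BUG_MARK)) {
            open = 1;                 /* new splat, not yet attributed */
        } else if (open && strstr(line, "acpi_get_pptt+")) {
            hits++;
            open = 0;                 /* count each splat once */
        }
        log += len + (log[len] == '\n');
    }
    return hits;
}

/* First splat abridged from the page's trace; second one is constructed. */
static const char sample_log[] =
    "BUG: sleeping function called from invalid context at kernel/locking/semaphore.c:164\n"
    "CPU: 1 PID: 0 Comm: swapper/1 Not tainted 6.3.0-rc1 #1\n"
    "Call trace:\n"
    " acpi_get_table+0x40/0xe8\n"
    " acpi_get_pptt+0x48/0xa0\n"
    " acpi_get_cache_info+0x38/0x140\n"
    "BUG: sleeping function called from invalid context at drivers/example.c:1\n"
    "Call trace:\n"
    " example_irq_handler+0x10/0x20\n";

int main(void)
{
    printf("PPTT-related splats: %d\n", count_pptt_splats(sample_log));
    return 0;
}
```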
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Finland, Italy, Spain
Technical Details
- Data Version: 5.1
- Assigner Short Name: Linux
- Date Reserved: 2025-05-02T15:51:43.548Z
- CISA Enriched: false
- CVSS Version: null
- State: PUBLISHED
Threat ID: 682d9821c4522896dcbdd971
Added to database: 5/21/2025, 9:08:49 AM
Last enriched: 6/28/2025, 2:09:29 AM
Last updated: 11/22/2025, 3:39:19 PM