References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to [email protected].

Change History

In the Linux kernel, the following vulnerability has been resolved:

posix-timers: Prevent RT livelock in itimer_delete()

itimer_delete() has a retry loop when the timer is concurrently expired. On
non-RT kernels this just spin-waits until the timer callback has completed,
except for posix CPU timers which have HAVE_POSIX_CPU_TIMERS_TASK_WORK
enabled.

In that case and on RT kernels the existing task could live lock when
preempting the task which does the timer delivery.

Replace spin_unlock() with an invocation of timer_wait_running() to handle
it the same way as the other retry loops in the posix timer code.

https://git.kernel.org/stable/c/0670c4c567b27bd8f999a943028f4fe60d1a1106

https://git.kernel.org/stable/c/9d9e522010eb5685d8b53e8a24320653d9d4cbbf

https://git.kernel.org/stable/c/c1968bb8a28625cc95d2ad3ca872ab98c9c36d59

https://git.kernel.org/stable/c/e7aff15ba29ba4b3052786b1636fa5c4aa39e179

https://git.kernel.org/stable/c/f1be1ed32daa053484222f7f9beb2b16c624dffd

https://git.kernel.org/stable/c/f9bd298e3e4d3fd6e19f017789a42d0f332cd555