CVE-2023-52932

mm/swapfile: add cond_resched() in get_swap_pages()

Description

In the Linux kernel, the following vulnerability has been resolved: mm/swapfile: add cond_resched() in get_swap_pages() The softlockup still occurs in get_swap_pages() under memory pressure. 64 CPU cores, 64GB memory, and 28 zram devices, the disksize of each zram device is 50MB with same priority as si. Use the stress-ng tool to increase memory pressure, causing the system to oom frequently. The plist_for_each_entry_safe() loops in get_swap_pages() could reach tens of thousands of times to find available space (extreme case: cond_resched() is not called in scan_swap_map_slots()). Let's add cond_resched() into get_swap_pages() when failed to find available space to avoid softlockup.

Category

5.5
CVSS
Severity: Medium
CVSS 3.1 •
EPSS 0.01%
Affected: Linux Linux
Affected: Linux Linux
Published at:
Updated at:

References

Link Tags
https://git.kernel.org/stable/c/29f0349c5c76b627fe06b87d4b13fa03a6ce8e64 patch
https://git.kernel.org/stable/c/387217b97e99699c34e6d95ce2b91b327fcd853e patch
https://git.kernel.org/stable/c/d49c85a1913385eed46dd16a25ad0928253767f0 patch
https://git.kernel.org/stable/c/30187be29052bba9203b0ae2bdd815e0bc2faaab patch
https://git.kernel.org/stable/c/5dbe1ebd56470d03b78fc31491a9e4d433106ef2 patch
https://git.kernel.org/stable/c/49178d4d61e78aed8c837dfeea8a450700f196e2 patch
https://git.kernel.org/stable/c/7717fc1a12f88701573f9ed897cc4f6699c661e3 patch

Frequently Asked Questions

What is the severity of CVE-2023-52932?
CVE-2023-52932 has been scored as a medium severity vulnerability.
How to fix CVE-2023-52932?
To fix CVE-2023-52932, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2023-52932 being actively exploited in the wild?
As for now, there are no information to confirm that CVE-2023-52932 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2023-52932?
CVE-2023-52932 affects Linux Linux, Linux Linux.
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.