CVE-2023-54246
Unknown Unknown - Not Provided
Hung Task Timeout Vulnerability in Linux Kernel rcuscale Module

Publication date: 2025-12-30

Last updated on: 2025-12-30

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: rcuscale: Move rcu_scale_writer() schedule_timeout_uninterruptible() to _idle() The rcuscale.holdoff module parameter can be used to delay the start of rcu_scale_writer() kthread. However, the hung-task timeout will trigger when the timeout specified by rcuscale.holdoff is greater than hung_task_timeout_secs: runqemu kvm nographic slirp qemuparams="-smp 4 -m 2048M" bootparams="rcuscale.shutdown=0 rcuscale.holdoff=300" [ 247.071753] INFO: task rcu_scale_write:59 blocked for more than 122 seconds. [ 247.072529] Not tainted 6.4.0-rc1-00134-gb9ed6de8d4ff #7 [ 247.073400] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message. [ 247.074331] task:rcu_scale_write state:D stack:30144 pid:59 ppid:2 flags:0x00004000 [ 247.075346] Call Trace: [ 247.075660] <TASK> [ 247.075965] __schedule+0x635/0x1280 [ 247.076448] ? __pfx___schedule+0x10/0x10 [ 247.076967] ? schedule_timeout+0x2dc/0x4d0 [ 247.077471] ? __pfx_lock_release+0x10/0x10 [ 247.078018] ? enqueue_timer+0xe2/0x220 [ 247.078522] schedule+0x84/0x120 [ 247.078957] schedule_timeout+0x2e1/0x4d0 [ 247.079447] ? __pfx_schedule_timeout+0x10/0x10 [ 247.080032] ? __pfx_rcu_scale_writer+0x10/0x10 [ 247.080591] ? __pfx_process_timeout+0x10/0x10 [ 247.081163] ? __pfx_sched_set_fifo_low+0x10/0x10 [ 247.081760] ? __pfx_rcu_scale_writer+0x10/0x10 [ 247.082287] rcu_scale_writer+0x6b1/0x7f0 [ 247.082773] ? mark_held_locks+0x29/0xa0 [ 247.083252] ? __pfx_rcu_scale_writer+0x10/0x10 [ 247.083865] ? __pfx_rcu_scale_writer+0x10/0x10 [ 247.084412] kthread+0x179/0x1c0 [ 247.084759] ? __pfx_kthread+0x10/0x10 [ 247.085098] ret_from_fork+0x2c/0x50 [ 247.085433] </TASK> This commit therefore replaces schedule_timeout_uninterruptible() with schedule_timeout_idle().
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-30
Last Modified
2025-12-30
Generated
2026-05-07
AI Q&A
2025-12-30
EPSS Evaluated
2026-05-05
NVD
CVE-2023-54246
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel 6.4.0-rc1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability involves the Linux kernel's rcuscale module, specifically the rcu_scale_writer() function. The issue is that the function uses schedule_timeout_uninterruptible(), which can cause the rcu_scale_writer() kernel thread to be blocked longer than expected when the rcuscale.holdoff parameter is set to a value greater than the hung_task_timeout_secs. This leads to hung-task timeout warnings and potential delays in kernel thread scheduling. The fix replaces schedule_timeout_uninterruptible() with schedule_timeout_idle() to prevent this blocking behavior.


How can this vulnerability impact me? :

This vulnerability can cause the rcu_scale_writer() kernel thread to become blocked for extended periods, potentially leading to hung-task timeout warnings and degraded system responsiveness or performance. It may affect system stability under certain configurations where rcuscale.holdoff is set high, causing delays in kernel thread execution.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by monitoring kernel logs for hung tasks related to the rcu_scale_writer process. Specifically, look for messages indicating that the task 'rcu_scale_write' is blocked for more than the hung task timeout period. You can check kernel logs using commands like 'dmesg | grep rcu_scale_write' or 'journalctl -k | grep rcu_scale_write'. Additionally, adjusting or checking the value of '/proc/sys/kernel/hung_task_timeout_secs' can help in tuning detection sensitivity.


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include updating the Linux kernel to a version where this vulnerability is resolved, which involves replacing schedule_timeout_uninterruptible() with schedule_timeout_idle() in the rcu_scale_writer() function. As a temporary measure, you can disable hung task timeout messages by running 'echo 0 > /proc/sys/kernel/hung_task_timeout_secs', but this does not fix the underlying issue. Adjusting the 'rcuscale.holdoff' module parameter to a value less than 'hung_task_timeout_secs' can also help avoid triggering the hung-task timeout.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart