MNBSD-2020-14: callout(9) may corrupt another CPU's data structures

Severity: Unknown

Affected Package: kernel

Summary: callout(9) may corrupt another CPU's data structures

Description

Callouts may be bound to a specific CPU. When a kernel thread attempts to stop a callout while it is actively executing, it sleeps until execution completes; in the meantime the callout may be rescheduled and re-executed on a different CPU. When the sleeping thread finally completed removal of the callout, it could modify the wrong CPU's data structures, leaving them in an invalid state.

Affected Versions

kernel

Recommendations

No specific recommendations provided.

References

Additional Information

Aliases:

Published: December 02, 2020
Last Modified: December 02, 2020