Linux Kernel Auxiliary Timekeeper Leap State Adjustment Vulnerability

A vulnerability in the Linux kernel's timekeeping subsystem has been addressed. The issue arose because the introduction of the '__do_adjtimex()' function, which manages time adjustments for auxiliary timekeepers, did not properly update the reference to the core timekeeper. As a result, when the function was called on an auxiliary timekeeper, it incorrectly updated the core timekeeper. This flaw was detected by the kernel's lock debugging diagnostics, which flagged a sequence lock being modified without the corresponding spinlock being held. The vulnerability could lead to improper timekeeping adjustments, potentially causing issues in time-sensitive operations.

Impact

Exploitation of this vulnerability could result in incorrect timekeeping adjustments for auxiliary timekeepers, potentially disrupting time-sensitive operations and applications that rely on accurate timing.

Remediation

Users can upgrade to the latest version of the Linux kernel where this vulnerability has been fixed. Instructions for downloading the patched version are available on the Linux kernel's official website.