CVE-2023-53148Double Free in Linux

CWE-415Double FreeCWE-1341Multiple Releases of Same Resource or Handle5 documents5 sources
Severity
7.8HIGHNVD
EPSS
0.0%
top 96.40%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedSep 15

Description

In the Linux kernel, the following vulnerability has been resolved: igb: Fix igb_down hung on surprise removal In a setup where a Thunderbolt hub connects to Ethernet and a display through USB Type-C, users may experience a hung task timeout when they remove the cable between the PC and the Thunderbolt hub. This is because the igb_down function is called multiple times when the Thunderbolt hub is unplugged. For example, the igb_io_error_detected triggers the first call, and the igb_remove trig

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

NVDlinux/linux_kernel4.154.19.291+6
Debianlinux/linux_kernel< 5.10.191-1+3
CVEListV5linux/linux9d5c824399dea881779d78a6c147288bf2dccb6bc2312e1d12b1c3ee4100c173131b102e2aed4d04+8
debiandebian/linux< linux 6.1.52-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
GHSA
GHSA-mxw3-r93h-fcv9: In the Linux kernel, the following vulnerability has been resolved: igb: Fix igb_down hung on surprise removal In a setup where a Thunderbolt hub co2025-09-15
OSV
CVE-2023-53148: In the Linux kernel, the following vulnerability has been resolved: igb: Fix igb_down hung on surprise removal In a setup where a Thunderbolt hub conn2025-09-15

📋Vendor Advisories

2
Red Hat
kernel: igb: Fix igb_down hung on surprise removal2025-09-15
Debian
CVE-2023-53148: linux - In the Linux kernel, the following vulnerability has been resolved: igb: Fix ig...2023
CVE-2023-53148 — Double Free in Linux | cvebase