CVE-2023-53345 — Race Condition in Linux

CWE-362 — Race Condition5 documents5 sources

Severity

4.7MEDIUMNVD

EPSS

0.0%

top 98.78%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedSep 17

Description

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix potential data race in rxrpc_wait_to_be_connected() Inside the loop in rxrpc_wait_to_be_connected() it checks call->error to see if it should exit the loop without first checking the call state. This is probably safe as if call->error is set, the call is dead anyway, but we should probably wait for the call state to have been set to completion first, lest it cause surprise on the way out. Fix this by only accessing…

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.0 | Impact: 3.6

Affected Packages4 packages

▶NVDlinux/linux_kernel6.2.1 — 6.2.16+2

▶Debianlinux/linux_kernel< 6.3.7-1+1

▶CVEListV5linux/linux9d35d880e0e4a3ab32d8c12f9e4d76198aadd42d — 3e8ba61a3fe4475a9b5c9fbfc664435c6795d872+3

▶debiandebian/linux< linux 6.3.7-1 (forky)

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

GHSA

GHSA-ggg7-h54g-wmq5: In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix potential data race in rxrpc_wait_to_be_connected() Inside the loop i↗2025-09-17

▶

OSV

CVE-2023-53345: In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix potential data race in rxrpc_wait_to_be_connected() Inside the loop in↗2025-09-17

▶

📋Vendor Advisories

Red Hat

kernel: rxrpc: Fix potential data race in rxrpc_wait_to_be_connected()↗2025-09-17

▶

Debian

CVE-2023-53345: linux - In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix ...↗2023

▶