CVE-2023-53394: Incorrect Synchronization in Linux

Severity: 5.5 MEDIUM (NVD)
EPSS: 0.0% (top 94.52%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Sep 18

Description

In the Linux kernel, the following vulnerability has been resolved:

net/mlx5e: xsk: Fix crash on regular rq reactivation

When the regular rq is reactivated after the XSK socket is closed it could be reading stale cqes which eventually corrupts the rq. This leads to no more traffic being received on the regular rq and a crash on the next close or deactivation of the rq. Kal Cuttler Conely reported this issue as a crash on the release path when the xdpsock sample program is stopped (killed) and

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.8 | Impact: 3.6

Affected Packages (4 packages)

NVD: linux/linux_kernel 6.16.4.10+1
Debian: linux/linux_kernel < 6.4.11-1 +1
CVEListV5: linux/linux 082a9edf12fef88400172e7d1b131d65a3ed492e 02a84eb2af6bea7871cd34264fb27f141f005fd9 +2
debian: debian/linux < linux 6.4.11-1 (forky)

Patches

🔴 Vulnerability Details (2)

GHSA (2025-09-18)
GHSA-x6jv-3w92-hqpc: In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix crash on regular rq reactivation When the regular rq is reac
OSV (2025-09-18)
CVE-2023-53394: In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix crash on regular rq reactivation When the regular rq is reacti

📋 Vendor Advisories (2)

Red Hat (2025-09-18)
kernel: net/mlx5e: xsk: Fix crash on regular rq reactivation
Debian (2023)
CVE-2023-53394: linux - In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: ...