CVE-2023-53622Race Condition in Linux

CWE-362Race ConditionCWE-820Missing Synchronization6 documents6 sources
Severity
7.0HIGHNVD
EPSS
0.0%
top 98.46%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedOct 7
Latest updateApr 20

Description

In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix possible data races in gfs2_show_options() Some fields such as gt_logd_secs of the struct gfs2_tune are accessed without holding the lock gt_spin in gfs2_show_options(): val = sdp->sd_tune.gt_logd_secs; if (val != 30) seq_printf(s, ",commit=%d", val); And thus can cause data races when gfs2_show_options() and other functions such as gfs2_reconfigure() are concurrently executed: spin_lock(>->gt_spin); gt->gt_logd_s

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.0 | Impact: 5.9

Affected Packages4 packages

NVDlinux/linux_kernel2.6.314.14.324+6
Debianlinux/linux_kernel< 5.10.197-1+3
CVEListV5linux/linux48c2b613616235d7c97fda5982f50100a6c791667e5bbeb7eb813bb2568e1d5d02587df943272e57+8
debiandebian/linux< linux 6.1.52-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

3
VulDB
Linux Kernel up to 6.4.11 gfs2 gfs2_show_options race condition (Nessus ID 302727 / WID-SEC-2025-2229)2026-04-20
GHSA
GHSA-7fh7-rm8f-wj9x: In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix possible data races in gfs2_show_options() Some fields such as gt_logd2025-10-07
OSV
CVE-2023-53622: In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix possible data races in gfs2_show_options() Some fields such as gt_logd_s2025-10-07

📋Vendor Advisories

2
Red Hat
kernel: gfs2: Fix possible data races in gfs2_show_options()2025-10-07
Debian
CVE-2023-53622: linux - In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix p...2023