CVE-2023-53727: Linux vulnerability

6 documents, 5 sources
Severity: N/A (no vector)
EPSS: 0.0% (top 89.75%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Oct 22

Description

In the Linux kernel, the following vulnerability has been resolved:

net/sched: fq_pie: avoid stalls in fq_pie_timer()

When setting a high number of flows (limit being 65536), fq_pie_timer() is currently using too much time as syzbot reported.

Add logic to yield the cpu every 2048 flows (less than 150 usec on debug kernels). It should also help by not blocking qdisc fast paths for too long. Worst case (65536 flows) would need 31 jiffies for a complete scan.

Relevant extract from syzbot report

Affected Packages (4 packages)

Linux | linux/linux_kernel | 5.6.0 | 5.10.195 | +3
Debian | linux/linux_kernel | < 5.10.197-1 | +3
CVEListV5 | linux/linux | ec97ecf1ebe485a17cd8395a5f35e6b80b57665a | 94d527c3759d76c29220758362f622954612bea7 | +5
debian | debian/linux | < linux 6.1.55-1 (bookworm)

🔴 Vulnerability Details (3)

OSV (2025-10-22): CVE-2023-53727: In the Linux kernel, the following vulnerability has been resolved: net/sched: fq_pie: avoid stalls in fq_pie_timer() When setting a high number of fl
GHSA (2025-10-22): GHSA-r8m6-g352-25gf: In the Linux kernel, the following vulnerability has been resolved: net/sched: fq_pie: avoid stalls in fq_pie_timer() When setting a high number of
OSV (2025-10-22): net/sched: fq_pie: avoid stalls in fq_pie_timer()

📋 Vendor Advisories (2)

Red Hat (2025-10-22): kernel: net/sched: fq_pie: avoid stalls in fq_pie_timer()
Debian (2023): CVE-2023-53727: linux - In the Linux kernel, the following vulnerability has been resolved: net/sched: ...