CVE-2023-53823: Race Condition within a Thread in Linux

Severity: 5.5 MEDIUM (No vector)
EPSS: 0.0% (top 89.68%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Dec 9

Description

In the Linux kernel, the following vulnerability has been resolved:

block/rq_qos: protect rq_qos apis with a new lock

commit 50e34d78815e ("block: disable the elevator int del_gendisk") move rq_qos_exit() from disk_release() to del_gendisk(), this will introduce some problems:

1) If rq_qos_add() is triggered by enabling iocost/iolatency through cgroupfs, then it can concurrent with del_gendisk(), it's not safe to write 'q->rq_qos' concurrently.

2) Activate cgroup policy that is relied on rq_

Affected Packages (4 packages)

Linux | linux/linux_kernel | 5.19.0 | 6.4.4
Debian | linux/linux_kernel | < 6.4.4-1 | +1
CVEListV5 | linux/linux | 50e34d78815e474d410f342fbe783b18192ca518 | 16398b4638b5cd8c1dc95fc940a1591a801d53ce | +3
debian | debian/linux | < linux 6.4.4-1 (forky)

🔴 Vulnerability Details (3)

OSV | CVE-2023-53823: In the Linux kernel, the following vulnerability has been resolved: block/rq_qos: protect rq_qos apis with a new lock commit 50e34d78815e ("block: dis | 2025-12-09
GHSA | GHSA-h5mg-vw9m-f6v8: In the Linux kernel, the following vulnerability has been resolved: block/rq_qos: protect rq_qos apis with a new lock commit 50e34d78815e ("block: d | 2025-12-09
OSV | block/rq_qos: protect rq_qos apis with a new lock | 2025-12-09

📋 Vendor Advisories (2)

Red Hat | kernel: block/rq_qos: protect rq_qos apis with a new lock | 2025-12-09
Debian | CVE-2023-53823: linux - In the Linux kernel, the following vulnerability has been resolved: block/rq_qo... | 2023

🕵️ Threat Intelligence (1)

Wiz | CVE-2023-53823 Impact, Exploitability, and Mitigation Steps | Wiz