CVE-2023-53824: Linux vulnerability

7 documents, 6 sources

Severity: 4.7 MEDIUM (no vector)
EPSS: 0.0% (top 89.95%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Dec 9

Description

In the Linux kernel, the following vulnerability has been resolved:

netlink: annotate lockless accesses to nlk->max_recvmsg_len

syzbot reported a data-race in netlink_recvmsg() [1]

Indeed, netlink_recvmsg() can be run concurrently, and netlink_dump() also needs protection.

[1]
BUG: KCSAN: data-race in netlink_recvmsg / netlink_recvmsg

read to 0xffff888141840b38 of 8 bytes by task 23057 on cpu 0:
netlink_recvmsg+0xea/0x730 net/netlink/af_netlink.c:1988
sock_recvmsg_nosec net/soc

Affected Packages (4 packages)

Linux  linux/linux_kernel  3.15.0  5.10.218  +3
Debian  linux/linux_kernel  < 5.10.218-1  +3
CVEListV5  linux/linux  9063e21fb026c4966fc93261c18322214f9835eb  05c9e3fc93b02d18c3ab258d43350a6d44b40bbd  +5
debian  debian/linux  < linux 6.1.25-1 (bookworm)

🔴 Vulnerability Details (3)

GHSA: GHSA-74c2-58xj-46fw: In the Linux kernel, the following vulnerability has been resolved: netlink: annotate lockless accesses to nlk->max_recvmsg_len syzbot reported a da (2025-12-09)
OSV: netlink: annotate lockless accesses to nlk->max_recvmsg_len (2025-12-09)
OSV: CVE-2023-53824: In the Linux kernel, the following vulnerability has been resolved: netlink: annotate lockless accesses to nlk->max_recvmsg_len syzbot reported a data (2025-12-09)

📋 Vendor Advisories (2)

Red Hat: kernel: netlink: annotate lockless accesses to nlk->max_recvmsg_len (2025-12-09)
Debian: CVE-2023-53824: linux - In the Linux kernel, the following vulnerability has been resolved: netlink: an... (2023)

🕵️ Threat Intelligence (1)

Wiz: CVE-2023-53824 Impact, Exploitability, and Mitigation Steps | Wiz