CVE-2023-53850: Missing Reference to Active Allocated Resource in Linux

Severity: 6.1 MEDIUM (No vector)
EPSS: 0.0% (top 90.90%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Dec 9

Description

In the Linux kernel, the following vulnerability has been resolved:

iavf: use internal state to free traffic IRQs

If the system tries to close the netdev while iavf_reset_task() is running, __LINK_STATE_START will be cleared and netif_running() will return false in iavf_reinit_interrupt_scheme(). This will result in iavf_free_traffic_irqs() not being called and a leak as follows:

[7632.489326] remove_proc_entry: removing non-empty directory 'irq/999', leaking at least 'iavf-enp24s0f0v0-TxRx-0

Affected Packages (5 packages)

Linux: linux/linux_kernel 4.15.0 6.1.42 +1
Debian: linux/linux_kernel < 6.1.52-1 +2
CVEListV5: linux/linux 5b36e8d04b4439c9ceb814bfdfe1284737f9c632 6d9d01689b82ff5cb8f8d2a82717d7997bc0bfff +3
debian: debian/linux < linux 6.1.52-1 (bookworm)
PyPI: sentry/sentry 22.1.0 23.7.2

Vulnerability Details (4)

OSV: iavf: use internal state to free traffic IRQs (2025-12-09)
GHSA: GHSA-hcp8-qjrp-6pgh: In the Linux kernel, the following vulnerability has been resolved: iavf: use internal state to free traffic IRQs If the system tries to close the n (2025-12-09)
OSV: CVE-2023-53850: In the Linux kernel, the following vulnerability has been resolved: iavf: use internal state to free traffic IRQs If the system tries to close the net (2025-12-09)
GHSA: Privilege escalation via ApiTokensEndpoint (2023-08-08)

Vendor Advisories (2)

Red Hat: kernel: iavf: use internal state to free traffic IRQs (2025-12-09)
Debian: CVE-2023-53850: linux - In the Linux kernel, the following vulnerability has been resolved: iavf: use i... (2023)

Threat Intelligence (1)

Wiz: CVE-2023-53850 Impact, Exploitability, and Mitigation Steps | Wiz