CVE-2023-54086Incorrect Synchronization in Linux

CWE-821Incorrect Synchronization7 documents6 sources
Severity
4.4MEDIUM
No vector
EPSS
0.0%
top 92.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 24

Description

In the Linux kernel, the following vulnerability has been resolved: bpf: Add preempt_count_{sub,add} into btf id deny list The recursion check in __bpf_prog_enter* and __bpf_prog_exit* leave preempt_count_{sub,add} unprotected. When attaching trampoline to them we get panic as follows, [ 867.843050] BUG: TASK stack guard page was hit at 0000000009d325cf (stack is 0000000046a46a15..00000000537e7b28) [ 867.843064] stack guard page: 0000 [#1] PREEMPT SMP NOPTI [ 867.843067] CPU: 8 PID: 11009 Com

Affected Packages4 packages

Linuxlinux/linux_kernel5.13.05.15.113+2
Debianlinux/linux_kernel< 6.1.37-1+2
CVEListV5linux/linux35e3815fa8102fab4dee75f3547472c66581125d095018267c87b8bfbbb12eeb1c0ebf2359e1782c+5
debiandebian/linux< linux 6.1.37-1 (bookworm)

🔴Vulnerability Details

3
GHSA
GHSA-73pg-78qv-48m9: In the Linux kernel, the following vulnerability has been resolved: bpf: Add preempt_count_{sub,add} into btf id deny list The recursion check in __2025-12-24
OSV
CVE-2023-54086: In the Linux kernel, the following vulnerability has been resolved: bpf: Add preempt_count_{sub,add} into btf id deny list The recursion check in __bp2025-12-24
OSV
bpf: Add preempt_count_{sub,add} into btf id deny list2025-12-24

📋Vendor Advisories

2
Red Hat
kernel: bpf: Add preempt_count_{sub,add} into btf id deny list2025-12-24
Debian
CVE-2023-54086: linux - In the Linux kernel, the following vulnerability has been resolved: bpf: Add pr...2023

🕵️Threat Intelligence

1
Wiz
CVE-2023-54086 Impact, Exploitability, and Mitigation Steps | Wiz