CVE-2023-54113Improper Locking in Linux

CWE-667Improper Locking7 documents6 sources
Severity
4.5MEDIUM
No vector
EPSS
0.0%
top 92.57%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 24

Description

In the Linux kernel, the following vulnerability has been resolved: rcu: dump vmalloc memory info safely Currently, for double invoke call_rcu(), will dump rcu_head objects memory info, if the objects is not allocated from the slab allocator, the vmalloc_dump_obj() will be invoke and the vmap_area_lock spinlock need to be held, since the call_rcu() can be invoked in interrupt context, therefore, there is a possibility of spinlock deadlock scenarios. And in Preempt-RT kernel, the rcutorture te

Affected Packages4 packages

Linuxlinux/linux_kernel5.12.05.15.132+3
Debianlinux/linux_kernel< 6.1.55-1+2
CVEListV5linux/linux98f180837a896ecedf8f7e12af22b57f271d43c90a22f9c17b1aa2a35b5eedee928f7841595b55cd+5
debiandebian/linux< linux 6.1.55-1 (bookworm)

🔴Vulnerability Details

3
OSV
CVE-2023-54113: In the Linux kernel, the following vulnerability has been resolved: rcu: dump vmalloc memory info safely Currently, for double invoke call_rcu(), will2025-12-24
OSV
rcu: dump vmalloc memory info safely2025-12-24
GHSA
GHSA-qc6c-57rr-4q4v: In the Linux kernel, the following vulnerability has been resolved: rcu: dump vmalloc memory info safely Currently, for double invoke call_rcu(), wi2025-12-24

📋Vendor Advisories

2
Red Hat
kernel: rcu: dump vmalloc memory info safely2025-12-24
Debian
CVE-2023-54113: linux - In the Linux kernel, the following vulnerability has been resolved: rcu: dump v...2023

🕵️Threat Intelligence

1
Wiz
CVE-2023-54113 Impact, Exploitability, and Mitigation Steps | Wiz