CVE-2023-54152Deadlock in Linux

CWE-833Deadlock7 documents6 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 92.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 24

Description

In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevent deadlock by moving j1939_sk_errqueue() This commit addresses a deadlock situation that can occur in certain scenarios, such as when running data TP/ETP transfer and subscribing to the error queue while receiving a net down event. The deadlock involves locks in the following order: 3 j1939_session_list_lock -> active_session_list_lock j1939_session_activate ... j1939_sk_queue_activate_next -> sk_session_que

Affected Packages4 packages

Linuxlinux/linux_kernel5.15.05.15.106+2
Debianlinux/linux_kernel< 6.1.25-1+2
CVEListV5linux/linux5b9272e93f2efe3f6cda60cc2c26817b2ce493868a581b71cf686b4cd1a85c9c2dfc2fb88382c3b4+4
debiandebian/linux< linux 6.1.25-1 (bookworm)

🔴Vulnerability Details

3
GHSA
GHSA-hxpg-6jhj-qw4q: In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevent deadlock by moving j1939_sk_errqueue() This commit addresses2025-12-24
OSV
CVE-2023-54152: In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevent deadlock by moving j1939_sk_errqueue() This commit addresses a2025-12-24
OSV
can: j1939: prevent deadlock by moving j1939_sk_errqueue()2025-12-24

📋Vendor Advisories

2
Red Hat
kernel: Linux kernel (CAN J1939): Denial of Service via deadlock2025-12-24
Debian
CVE-2023-54152: linux - In the Linux kernel, the following vulnerability has been resolved: can: j1939:...2023

🕵️Threat Intelligence

1
Wiz
CVE-2023-54152 Impact, Exploitability, and Mitigation Steps | Wiz