CVE-2023-54173Incorrect Synchronization in Linux

CWE-821Incorrect Synchronization7 documents6 sources
Severity
5.5MEDIUM
No vector
EPSS
0.0%
top 92.57%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: bpf: Disable preemption in bpf_event_output We received report [1] of kernel crash, which is caused by using nesting protection without disabled preemption. The bpf_event_output can be called by programs executed by bpf_prog_run_array_cg function that disabled migration but keeps preemption enabled. This can cause task to be preempted by another one inside the nesting protection and lead eventually to two tasks using same pe

Affected Packages4 packages

Linuxlinux/linux_kernel5.7.05.10.190+3
Debianlinux/linux_kernel< 5.10.191-1+3
CVEListV5linux/linux2a916f2f546ca1c1e3323e2a4269307f6d9890eb3048cb0dc0cc9dc74ed93690dffef00733bcad5b+5
debiandebian/linux< linux 6.1.52-1 (bookworm)

🔴Vulnerability Details

3
GHSA
GHSA-m688-w5rr-prwm: In the Linux kernel, the following vulnerability has been resolved: bpf: Disable preemption in bpf_event_output We received report [1] of kernel cra2025-12-30
OSV
CVE-2023-54173: In the Linux kernel, the following vulnerability has been resolved: bpf: Disable preemption in bpf_event_output We received report [1] of kernel crash2025-12-30
OSV
bpf: Disable preemption in bpf_event_output2025-12-30

📋Vendor Advisories

2
Red Hat
kernel: bpf: Disable preemption in bpf_event_output2025-12-30
Debian
CVE-2023-54173: linux - In the Linux kernel, the following vulnerability has been resolved: bpf: Disabl...2023

🕵️Threat Intelligence

1
Wiz
CVE-2023-54173 Impact, Exploitability, and Mitigation Steps | Wiz