CVE-2023-54226 — Linux vulnerability

7 documents6 sources

Severity

5.1MEDIUM

No vector

EPSS

0.0%

top 89.30%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data races around sk->sk_shutdown. KCSAN found a data race around sk->sk_shutdown where unix_release_sock() and unix_shutdown() update it under unix_state_lock(), OTOH unix_poll() and unix_dgram_poll() read it locklessly. We need to annotate the writes and reads with WRITE_ONCE() and READ_ONCE(). BUG: KCSAN: data-race in unix_poll / unix_release_sock write to 0xffff88800d0f8aec of 1 bytes by task 264 on cpu 0: …

Affected Packages4 packages

▶Linuxlinux/linux_kernel2.6.12 — 4.19.284+5

▶Debianlinux/linux_kernel< 5.10.191-1+3

▶CVEListV5linux/linux1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 — 1c488f4e95b498c977fbeae784983eb4cf6085e8+7

▶debiandebian/linux< linux 6.1.37-1 (bookworm)

🔴Vulnerability Details

GHSA

GHSA-hm7q-645m-qhpj: In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data races around sk->sk_shutdown↗2025-12-30

▶

OSV

CVE-2023-54226: In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix data races around sk->sk_shutdown↗2025-12-30

▶

OSV

af_unix: Fix data races around sk->sk_shutdown.↗2025-12-30

▶

📋Vendor Advisories

Red Hat

kernel: af_unix: Fix data races around sk->sk_shutdown↗2025-12-30

▶

Debian

CVE-2023-54226: linux - In the Linux kernel, the following vulnerability has been resolved: af_unix: Fi...↗2023

▶

🕵️Threat Intelligence

Wiz

CVE-2023-54226 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶