CVE-2023-54292: Race Condition within a Thread in Linux

Severity: 6.5 MEDIUM (no vector)
EPSS: 0.0% (top 92.73%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Dec 30

Description

In the Linux kernel, the following vulnerability has been resolved:

RDMA/irdma: Fix data race on CQP request done

KCSAN detects a data race on cqp_request->request_done memory location which is accessed locklessly in irdma_handle_cqp_op while being updated in irdma_cqp_ce_handler.

Annotate lockless intent with READ_ONCE/WRITE_ONCE to avoid any compiler optimizations like load fusing and/or KCSAN warning.

[222808.417128] BUG: KCSAN: data-race in irdma_cqp_ce_handler [irdma] / irdma_wait_event

Affected Packages (4 packages)

Linux: linux/linux_kernel, 5.14.0, 5.15.124, +2
Debian: linux/linux_kernel, < 6.1.52-1, +2
CVEListV5: linux/linux, 915cc7ac0f8e2a23675ee896e87f17c7d3c47089, c5b5dbcbf91f769b8eb25f88e32a1522f920f37a, +4
debian: debian/linux, < linux 6.1.52-1 (bookworm)

🔴 Vulnerability Details (3)

OSV: RDMA/irdma: Fix data race on CQP request done (2025-12-30)
GHSA: GHSA-7xqj-95mq-2v2g: In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix data race on CQP request done KCSAN detects a data race on cqp_r (2025-12-30)
OSV: CVE-2023-54292: In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix data race on CQP request done KCSAN detects a data race on cqp_req (2025-12-30)

📋 Vendor Advisories (2)

Red Hat: kernel: RDMA/irdma: Fix data race on CQP request done (2025-12-30)
Debian: CVE-2023-54292: linux - In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma:... (2023)

🕵️ Threat Intelligence (1)

Wiz: CVE-2023-54292 Impact, Exploitability, and Mitigation Steps | Wiz