CVE-2023-53007

MEDIUM EPSS 8.7%
Published Mar 27, 2025 (1y ago) · Modified Jun 17, 2026 (1w ago)
5.5 CVSS 3.1
Medium

Description

In the Linux kernel, the following vulnerability has been resolved:

tracing: Make sure trace_printk() can output as soon as it can be used

Currently trace_printk() can be used as soon as early_trace_init() is called from start_kernel(). But if a crash happens, and "ftrace_dump_on_oops" is set on the kernel command line, all you get will be:

    [ 0.456075] <idle>-0 0dN.2. 347519us : Unknown type 6
    [ 0.456075] <idle>-0 0dN.2. 353141us : Unknown type 6
    [ 0.456075] <idle>-0 0dN.2. 358684us : Unknown type 6

This is because the trace_printk() event (type 6) hasn't been registered yet. That gets done via an early_initcall(), which may be early, but not early enough.

Instead of registering the trace_printk() event (and other ftrace events, which are not trace events) via an early_initcall(), have them registered at the same time that trace_printk() can be used. This way, if there is a crash before early_initcall(), then the trace_printk()s will actually be useful.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
8.7% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 11

Vendor  Product       Version  Range
linux   linux_kernel  *        ≥4.12 – <4.14.305
linux   linux_kernel  *        ≥4.15 – <4.19.272
linux   linux_kernel  *        ≥4.20 – <5.4.231
linux   linux_kernel  *        ≥5.5 – <5.10.166
linux   linux_kernel  *        ≥5.11 – <5.15.91
linux   linux_kernel  *        ≥5.16 – <6.1.9
linux   linux_kernel  6.2      any
linux   linux_kernel  6.2      any
linux   linux_kernel  6.2      any
linux   linux_kernel  6.2      any
linux   linux_kernel  6.2      any

References 7

  • git.kernel.org https://git.kernel.org/stable/c/198c83963f6335ca6d690cff067679560f2a3a22
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3bb06eb6e9acf7c4a3e1b5bc87aed398ff8e2253
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/76b2390fdc80c0a8300e5da5b6b62d201b6fe9ce
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b0af180514edea6c83dc9a299d9f383009c99f25
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b94d7c7654356860dd7719120c7d15ba38b6162a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/de3930a4883ddad2244efd6d349013294c62c75c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f97eb0ab066133483a65c93eb894748de2f6b598
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/198c83963f6335ca6d690cff067679560f2a3a22
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/3bb06eb6e9acf7c4a3e1b5bc87aed398ff8e2253
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/76b2390fdc80c0a8300e5da5b6b62d201b6fe9ce
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b0af180514edea6c83dc9a299d9f383009c99f25
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b94d7c7654356860dd7719120c7d15ba38b6162a
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/de3930a4883ddad2244efd6d349013294c62c75c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/f97eb0ab066133483a65c93eb894748de2f6b598
    Patch