CVE-2023-53060

Severity: Medium (CVSS 3.1 base score 5.5) · EPSS 2.3%
Published May 2, 2025 · Last Modified Jun 17, 2026

Description

In the Linux kernel, the following vulnerability has been resolved:

igb: revert rtnl_lock() that causes deadlock

The commit 6faee3d4ee8b ("igb: Add lock to avoid data race") adds rtnl_lock to eliminate a false data race shown below

(FREE from device detaching)          | (USE from netdev core)
igb_remove                            | igb_ndo_get_vf_config
igb_disable_sriov                     |   vf >= adapter->vfs_allocated_count?
  kfree(adapter->vf_data)             |
  adapter->vfs_allocated_count = 0    |
                                      |   memcpy(... adapter->vf_data[vf]

The above race will never happen and the extra rtnl_lock causes deadlock below

[  141.420169]  <TASK>
[  141.420672]  __schedule+0x2dd/0x840
[  141.421427]  schedule+0x50/0xc0
[  141.422041]  schedule_preempt_disabled+0x11/0x20
[  141.422678]  __mutex_lock.isra.13+0x431/0x6b0
[  141.423324]  unregister_netdev+0xe/0x20
[  141.423578]  igbvf_remove+0x45/0xe0 [igbvf]
[  141.423791]  pci_device_remove+0x36/0xb0
[  141.423990]  device_release_driver_internal+0xc1/0x160
[  141.424270]  pci_stop_bus_device+0x6d/0x90
[  141.424507]  pci_stop_and_remove_bus_device+0xe/0x20
[  141.424789]  pci_iov_remove_virtfn+0xba/0x120
[  141.425452]  sriov_disable+0x2f/0xf0
[  141.425679]  igb_disable_sriov+0x4e/0x100 [igb]
[  141.426353]  igb_remove+0xa0/0x130 [igb]
[  141.426599]  pci_device_remove+0x36/0xb0
[  141.426796]  device_release_driver_internal+0xc1/0x160
[  141.427060]  driver_detach+0x44/0x90
[  141.427253]  bus_remove_driver+0x55/0xe0
[  141.427477]  pci_unregister_driver+0x2a/0xa0
[  141.428296]  __x64_sys_delete_module+0x141/0x2b0
[  141.429126]  ? mntput_no_expire+0x4a/0x240
[  141.429363]  ? syscall_trace_enter.isra.19+0x126/0x1a0
[  141.429653]  do_syscall_64+0x5b/0x80
[  141.429847]  ? exit_to_user_mode_prepare+0x14d/0x1c0
[  141.430109]  ? syscall_exit_to_user_mode+0x12/0x30
[  141.430849]  ? do_syscall_64+0x67/0x80
[  141.431083]  ? syscall_exit_to_user_mode_prepare+0x183/0x1b0
[  141.431770]  ? syscall_exit_to_user_mode+0x12/0x30
[  141.432482]  ? do_syscall_64+0x67/0x80
[  141.432714]  ? exc_page_fault+0x64/0x140
[  141.432911]  entry_SYSCALL_64_after_hwframe+0x72/0xdc

Since the igb_disable_sriov() will call pci_disable_sriov() before releasing any resources, the netdev core will synchronize the cleanup to avoid any races. This patch removes the useless rtnl_(un)lock to guarantee correctness.

CVSS Details

Base Score: 5.5
Exploitability: 1.8
Impact: 3.6
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged
Confidentiality: None
Integrity: None
Availability: High

Threat Intelligence

EPSS Exploit Probability: 2.3% percentile
Exploit Status: No Known Exploit
Patch Status: Patch Available

Weaknesses 1

CWE-667: Improper Locking

Affected Products 18

Vendor | Product      | Version | Range
linux  | linux_kernel | *       | ≥4.14.291 – <4.14.312
linux  | linux_kernel | *       | ≥4.19.256 – <4.19.280
linux  | linux_kernel | *       | ≥5.4.211 – <5.4.240
linux  | linux_kernel | *       | ≥5.10.138 – <5.10.177
linux  | linux_kernel | *       | ≥5.15.63 – <5.15.105
linux  | linux_kernel | *       | ≥5.19.4 – <6.0
linux  | linux_kernel | *       | ≥6.0.1 – <6.1.22
linux  | linux_kernel | *       | ≥6.2 – <6.2.9
linux  | linux_kernel | 6.0     | any
linux  | linux_kernel | 6.0     | any
linux  | linux_kernel | 6.0     | any
linux  | linux_kernel | 6.0     | any
linux  | linux_kernel | 6.0     | any
linux  | linux_kernel | 6.0     | any
linux  | linux_kernel | 6.0     | any
linux  | linux_kernel | 6.3     | any
linux  | linux_kernel | 6.3     | any
linux  | linux_kernel | 6.3     | any

References 8

  • git.kernel.org https://git.kernel.org/stable/c/0dabb72b923e17cb3b4ac99ea1adc9ef35116930
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/4d2626e10709ff8474ffd1a9db3cf4647569e89c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/62a64645749926f9d75af82a96440941f22b046f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/65f69851e44d71248b952a687e44759a7abb5016
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/66e5577cabc3d463eea540332727929d0ace41c6
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7d845e9a485f287181ff81567c3900a8e7ad1e28
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/cd1e320ac0958298c2774605ad050483f33a21f2
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/de91528d8ba274c614a2265077d695c61e31fd43
    Patch

Remediation

Apply the patch commits listed under References.