CVE-2023-53530

MEDIUM EPSS 3.3%
Published Oct 1, 20259mo ago · Modified Jun 17, 20262w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Oct 1, 2025 9mo ago
Last Modified Jun 17, 2026 2w ago

Description

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Use raw_smp_processor_id() instead of smp_processor_id() The following call trace was observed: localhost kernel: nvme nvme0: NVME-FC{0}: controller connect complete localhost kernel: BUG: using smp_processor_id() in preemptible [00000000] code: kworker/u129:4/75092 localhost kernel: nvme nvme0: NVME-FC{0}: new ctrl: NQN "nqn.1992-08.com.netapp:sn.b42d198afb4d11ecad6d00a098d6abfa:subsystem.PR_Channel2022_RH84_subsystem_291" localhost kernel: caller is qla_nvme_post_cmd+0x216/0x1380 [qla2xxx] localhost kernel: CPU: 6 PID: 75092 Comm: kworker/u129:4 Kdump: loaded Tainted: G B W OE --------- --- 5.14.0-70.22.1.el9_0.x86_64+debug #1 localhost kernel: Hardware name: HPE ProLiant XL420 Gen10/ProLiant XL420 Gen10, BIOS U39 01/13/2022 localhost kernel: Workqueue: nvme-wq nvme_async_event_work [nvme_core] localhost kernel: Call Trace: localhost kernel: dump_stack_lvl+0x57/0x7d localhost kernel: check_preemption_disabled+0xc8/0xd0 localhost kernel: qla_nvme_post_cmd+0x216/0x1380 [qla2xxx] Use raw_smp_processor_id() instead of smp_processor_id(). Also use queue_work() across the driver instead of queue_work_on() thus avoiding usage of smp_processor_id() when CONFIG_DEBUG_PREEMPT is enabled.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
3.3% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Affected Products 2

VendorProductVersionRange
linuxlinux_kernel*≥6.3  –  <6.5.5
linuxlinux_kernel6.6any

References 4

  • git.kernel.org https://git.kernel.org/stable/c/1a541999f31fcb10ea50eba2a563e6c451fd5c7d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/25bd0c7def04a272f8e89b36971712fe29c6e438
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/52c7b41ad6ee53222f4ee2f0c099a6ed8291a168
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/59f10a05b5c7b675256a66e3161741239889ff80
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/1a541999f31fcb10ea50eba2a563e6c451fd5c7d
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/25bd0c7def04a272f8e89b36971712fe29c6e438
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/52c7b41ad6ee53222f4ee2f0c099a6ed8291a168
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/59f10a05b5c7b675256a66e3161741239889ff80
    Patch