CVE-2023-53620

MEDIUM EPSS 3.7%
Published Oct 7, 20258mo ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Oct 7, 2025 8mo ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: md: fix soft lockup in status_resync status_resync() will calculate 'curr_resync - recovery_active' to show user a progress bar like following: [============>........] resync = 61.4% 'curr_resync' and 'recovery_active' is updated in md_do_sync(), and status_resync() can read them concurrently, hence it's possible that 'curr_resync - recovery_active' can overflow to a huge number. In this case status_resync() will be stuck in the loop to print a large amount of '=', which will end up soft lockup. Fix the problem by setting 'resync' to MD_RESYNC_ACTIVE in this case, this way resync in progress will be reported to user.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
3.7% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-667

Affected Products 7

VendorProductVersionRange
linuxlinux_kernel*≥2.6.12.1  –  <6.1.30
linuxlinux_kernel*≥6.2  –  <6.3.4
linuxlinux_kernel2.6.12any
linuxlinux_kernel2.6.12any
linuxlinux_kernel2.6.12any
linuxlinux_kernel2.6.12any
linuxlinux_kernel2.6.12any

References 3

  • git.kernel.org https://git.kernel.org/stable/c/23309704e90859af2662bedc44101e6d1d2ece7e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6efddf1e32e2a264694766ca485a4f5e04ee82a7
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b4acb6c3ede88d6b7d33742a09e63cfce5e7fb69
    Patch

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/23309704e90859af2662bedc44101e6d1d2ece7e
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/6efddf1e32e2a264694766ca485a4f5e04ee82a7
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/b4acb6c3ede88d6b7d33742a09e63cfce5e7fb69
    Patch