CVE-2023-53121
02.05.2025, 16:15
In the Linux kernel, the following vulnerability has been resolved:
tcp: tcp_make_synack() can be called from process context
tcp_rtx_synack() now could be called in process context as explained in
0a375c822497 ("tcp: tcp_rtx_synack() can be called from process
context").
tcp_rtx_synack() might call tcp_make_synack(), which will touch per-CPU
variables with preemption enabled. This causes the following BUG:
BUG: using __this_cpu_add() in preemptible [00000000] code: ThriftIO1/5464
caller is tcp_make_synack+0x841/0xac0
Call Trace:
<TASK>
dump_stack_lvl+0x10d/0x1a0
check_preemption_disabled+0x104/0x110
tcp_make_synack+0x841/0xac0
tcp_v6_send_synack+0x5c/0x450
tcp_rtx_synack+0xeb/0x1f0
inet_rtx_syn_ack+0x34/0x60
tcp_check_req+0x3af/0x9e0
tcp_rcv_state_process+0x59b/0x2030
tcp_v6_do_rcv+0x5f5/0x700
release_sock+0x3a/0xf0
tcp_sendmsg+0x33/0x40
____sys_sendmsg+0x2f2/0x490
__sys_sendmsg+0x184/0x230
do_syscall_64+0x3d/0x90
Avoid calling __TCP_INC_STATS() with will touch per-cpu variables. Use
TCP_INC_STATS() which is safe to be called from context switch.Enginsight| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 3.7 ≤ 𝑥 < 4.14.311 |
| linux | linux_kernel | 4.15 ≤ 𝑥 < 4.19.279 |
| linux | linux_kernel | 4.20 ≤ 𝑥 < 5.4.238 |
| linux | linux_kernel | 5.5 ≤ 𝑥 < 5.10.176 |
| linux | linux_kernel | 5.11 ≤ 𝑥 < 5.15.104 |
| linux | linux_kernel | 5.16 ≤ 𝑥 < 6.1.21 |
| linux | linux_kernel | 6.2 ≤ 𝑥 < 6.2.8 |
| linux | linux_kernel | 6.3:rc1 |
| linux | linux_kernel | 6.3:rc2 |
𝑥
= Vulnerable software versions
Debian Releases
References