CVE-2023-53519

01.10.2025, 12:15

In the Linux kernel, the following vulnerability has been resolved:

media: v4l2-mem2mem: add lock to protect parameter num_rdy

Getting below error when using KCSAN to check the driver. Adding lock to
protect parameter num_rdy when getting the value with function:
v4l2_m2m_num_src_bufs_ready/v4l2_m2m_num_dst_bufs_ready.

kworker/u16:3: [name:report&]BUG: KCSAN: data-race in v4l2_m2m_buf_queue
kworker/u16:3: [name:report&]

kworker/u16:3: [name:report&]read-write to 0xffffff8105f35b94 of 1 bytes by task 20865 on cpu 7:
kworker/u16:3: v4l2_m2m_buf_queue+0xd8/0x10c

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	UNKNOWN				---
Linux	CNA	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 5%

Debian Releases

Debian Product

Codename

linux

bullseye	5.10.223-1 fixed
bullseye (security)	5.10.237-1 fixed
bookworm	6.1.148-1 fixed
bookworm (security)	6.1.153-1 fixed
trixie	6.12.43-1 fixed
trixie (security)	6.12.48-1 fixed
forky	6.16.8-1 fixed
sid	6.16.9-1 fixed

References

https://git.kernel.org/stable/c/1676748aa29099fc0abd71e0fb092e76e835f25c

https://git.kernel.org/stable/c/56b5c3e67b0f9af3f45cf393be048ee8d8a92694

https://git.kernel.org/stable/c/690dd4780b3f4d755e4e7883e8c3d1b5052f6bf2

https://git.kernel.org/stable/c/7fc7f87725805197388ba749a1801df33000fa50

https://git.kernel.org/stable/c/c71aa5f1cf961264690f2560503ea396b6e3c680

https://git.kernel.org/stable/c/e01ea1c4191ee08440b5f86db98dff695e9cedf9

https://git.kernel.org/stable/c/e52de26cb37459b16213438a2c82feb155dd3bbd

https://git.kernel.org/stable/c/ef009fe2010ea2a3a7045ecb72729cf366e0967b