CVE-2023-53638

07.10.2025, 16:15

In the Linux kernel, the following vulnerability has been resolved:

octeon_ep: cancel queued works in probe error path

If it fails to get the devices's MAC address, octep_probe exits while
leaving the delayed work intr_poll_task queued. When the work later
runs, it's a use after free.

Move the cancelation of intr_poll_task from octep_remove into
octep_device_cleanup. This does not change anything in the octep_remove
flow, but octep_device_cleanup is called also in the octep_probe error
path, where the cancelation is needed.

Note that the cancelation of ctrl_mbox_task has to follow
intr_poll_task's, because the ctrl_mbox_task may be queued by
intr_poll_task.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	UNKNOWN				---
Linux	CNA	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Debian Releases

Debian Product

Codename

linux

bullseye	5.10.223-1 not-affected
bookworm	6.1.148-1 not-affected
bullseye (security)	5.10.237-1 fixed
bookworm (security)	6.1.153-1 fixed
trixie	6.12.43-1 fixed
trixie (security)	6.12.48-1 fixed
forky	6.16.9-1 fixed
sid	6.16.11-1 fixed

References

https://git.kernel.org/stable/c/62312e2f6466b5f0a120542a38b410d88a34ed00

https://git.kernel.org/stable/c/758c91078165ae641b698750a72eafe7968b3756