CVE-2023-53759

08.12.2025, 02:15

In the Linux kernel, the following vulnerability has been resolved:

HID: hidraw: fix data race on device refcount

The hidraw_open() function increments the hidraw device reference
counter. The counter has no dedicated synchronization mechanism,
resulting in a potential data race when concurrently opening a device.

The race is a regression introduced by commit 8590222e4b02 ("HID:
hidraw: Replace hidraw device table mutex with a rwsem"). While
minors_rwsem is intended to protect the hidraw_table itself, by instead
acquiring the lock for writing, the reference counter is also protected.
This is symmetrical to hidraw_release().

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	UNKNOWN				---
Linux	CNA	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Vulnerability Media Exposure

[GERMAN] Linux Kernel: Mehrere Schwachstellen ermöglichen Denial of Service
Ein Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen oder weitere, nicht spezifizierte Auswirkungen zu erlangen.
Published: 2025-12-07T23:00:00+00:00

References

https://git.kernel.org/stable/c/05b47034e2488c2924e5c032e20a1979d012b5b5

https://git.kernel.org/stable/c/879e79c3aead41b8aa2e91164354b30bd1c4ef3b

https://git.kernel.org/stable/c/944ee77dc6ec7b0afd8ec70ffc418b238c92f12b

https://git.kernel.org/stable/c/ff348eabd97577da974d3db7038857f28c61d2bd