CVE-2023-53848

09.12.2025, 16:17

In the Linux kernel, the following vulnerability has been resolved:

md/raid5-cache: fix a deadlock in r5l_exit_log()

Commit b13015af94cf ("md/raid5-cache: Clear conf->log after finishing
work") introduce a new problem:

// caller hold reconfig_mutex
r5l_exit_log
 flush_work(&log->disable_writeback_work)
			r5c_disable_writeback_async
			 wait_event
			  /*
			   * conf->log is not NULL, and mddev_trylock()
			   * will fail, wait_event() can never pass.
			   */
 conf->log = NULL

Fix this problem by setting 'config->log' to NULL before wake_up() as it
used to be, so that wait_event() from r5c_disable_writeback_async() can
exist. In the meantime, move forward md_unregister_thread() so that
null-ptr-deref this commit fixed can still be fixed.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	UNKNOWN				---
Linux	CNA	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: Unknown

Debian Releases

Debian Product

Codename

linux

bullseye	5.10.223-1 not-affected
bullseye (security)	5.10.244-1 fixed
bookworm	6.1.148-1 fixed
bookworm (security)	6.1.158-1 fixed
trixie	6.12.57-1 fixed
trixie (security)	6.12.48-1 fixed
forky	6.17.9-1 fixed
sid	6.17.11-1 fixed

References

https://git.kernel.org/stable/c/71cf23271f015a57038bdc4669952096f9fe5500

https://git.kernel.org/stable/c/a705b11b358dee677aad80630e7608b2d5f56691

https://git.kernel.org/stable/c/ac9e103f282a7854f3274ef5ff0742fbbe8d7d6b

https://git.kernel.org/stable/c/c406984738215dc20ac2dc63e49d70f20797730e