CVE-2023-53421

EPSS 0.02%
Veröffentlicht 18.09.2025 16:15:45
Zuletzt bearbeitet 19.09.2025 16:00:27
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
Teams Watchlist Login
Unerledigt Login

In the Linux kernel, the following vulnerability has been resolved:

blk-cgroup: Reinit blkg_iostat_set after clearing in blkcg_reset_stats()

When blkg_alloc() is called to allocate a blkcg_gq structure
with the associated blkg_iostat_set's, there are 2 fields within
blkg_iostat_set that requires proper initialization - blkg & sync.
The former field was introduced by commit 3b8cc6298724 ("blk-cgroup:
Optimize blkcg_rstat_flush()") while the later one was introduced by
commit f73316482977 ("blk-cgroup: reimplement basic IO stats using
cgroup rstat").

Unfortunately those fields in the blkg_iostat_set's are not properly
re-initialized when they are cleared in v1's blkcg_reset_stats(). This
can lead to a kernel panic due to NULL pointer access of the blkg
pointer. The missing initialization of sync is less problematic and
can be a problem in a debug kernel due to missing lockdep initialization.

Fix these problems by re-initializing them after memory clearing.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 6

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < b0d26283af612b9e0cc3188b0b88ad7fdea447e8

Version f73316482977ac401ac37245c9df48079d4e11f3

Status affected

Version < abbce7f82613ea5eeefd0fc3c1c8e449b9cef2a2

Version f73316482977ac401ac37245c9df48079d4e11f3

Status affected

Version < 3d2af77e31ade05ff7ccc3658c3635ec1bea0979

Version f73316482977ac401ac37245c9df48079d4e11f3

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.5

Status affected

Version < 5.5

Version 0

Status unaffected

Version <= 6.3.*

Version 6.3.13

Status unaffected

Version <= 6.4.*

Version 6.4.4

Status unaffected

Version <= *

Version 6.5

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.042

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

https://git.kernel.org/stable/c/3d2af77e31ade05ff7ccc3658c3635ec1bea0979

https://git.kernel.org/stable/c/abbce7f82613ea5eeefd0fc3c1c8e449b9cef2a2

https://git.kernel.org/stable/c/b0d26283af612b9e0cc3188b0b88ad7fdea447e8

https://nvd.nist.gov/vuln/detail/CVE-2023-53421

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-53421

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-53421

EUVD