CVE-2023-54048

EPSS 0.03%
Veröffentlicht 24.12.2025 12:22:58
Zuletzt bearbeitet 29.12.2025 15:58:34
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

RDMA/bnxt_re: Prevent handling any completions after qp destroy

HW may generate completions that indicates QP is destroyed.
Driver should not be scheduling any more completion handlers
for this QP, after the QP is destroyed. Since CQs are active
during the QP destroy, driver may still schedule completion
handlers. This can cause a race where the destroy_cq and poll_cq
running simultaneously.

Snippet of kernel panic while doing bnxt_re driver load unload in loop.
This indicates a poll after the CQ is freed. 

[77786.481636] Call Trace:
[77786.481640]  <TASK>
[77786.481644]  bnxt_re_poll_cq+0x14a/0x620 [bnxt_re]
[77786.481658]  ? kvm_clock_read+0x14/0x30
[77786.481693]  __ib_process_cq+0x57/0x190 [ib_core]
[77786.481728]  ib_cq_poll_work+0x26/0x80 [ib_core]
[77786.481761]  process_one_work+0x1e5/0x3f0
[77786.481768]  worker_thread+0x50/0x3a0
[77786.481785]  ? __pfx_worker_thread+0x10/0x10
[77786.481790]  kthread+0xe2/0x110
[77786.481794]  ? __pfx_kthread+0x10/0x10
[77786.481797]  ret_from_fork+0x2c/0x50

To avoid this, complete all completion handlers before returning the
destroy QP. If free_cq is called soon after destroy_qp,  IB stack
will cancel the CQ work before invoking the destroy_cq verb and
this will prevent any race mentioned.

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 7

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < b79a0e71d6e8692e0b6da05f8aaa7d69191cf7e7

Version 1ac5a404797523cedaf424a3aaa3cf8f9548dff8

Status affected

Version < b8500538b8f5b2cd86b02754c8de83eaa7a2d6ba

Version 1ac5a404797523cedaf424a3aaa3cf8f9548dff8

Status affected

Version < 7faa6097694164380ed19600c7a7993d071270b9

Version 1ac5a404797523cedaf424a3aaa3cf8f9548dff8

Status affected

Version < b5bbc6551297447d3cca55cf907079e206e9cd82

Version 1ac5a404797523cedaf424a3aaa3cf8f9548dff8

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 4.11

Status affected

Version < 4.11

Version 0

Status unaffected

Version <= 5.15.*

Version 5.15.124

Status unaffected

Version <= 6.1.*

Version 6.1.43

Status unaffected

Version <= 6.4.*

Version 6.4.8

Status unaffected

Version <= *

Version 6.5

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.064

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/b79a0e71d6e8692e0b6da05f8aaa7d69191cf7e7

https://git.kernel.org/stable/c/b8500538b8f5b2cd86b02754c8de83eaa7a2d6ba

https://git.kernel.org/stable/c/7faa6097694164380ed19600c7a7993d071270b9

https://git.kernel.org/stable/c/b5bbc6551297447d3cca55cf907079e206e9cd82

https://nvd.nist.gov/vuln/detail/CVE-2023-54048

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-54048

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-54048

EUVD