-

CVE-2023-54306

EPSS 0.04%
Veröffentlicht 30.12.2025 12:23:39
Zuletzt bearbeitet 31.12.2025 20:42:43
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

net: tls: avoid hanging tasks on the tx_lock

syzbot sent a hung task report and Eric explains that adversarial
receiver may keep RWIN at 0 for a long time, so we are not guaranteed
to make forward progress. Thread which took tx_lock and went to sleep
may not release tx_lock for hours. Use interruptible sleep where
possible and reschedule the work if it can't take the lock.

Testing: existing selftest passes

Betroffene Produkte Warnungen 0 Metriken 1 CWE 0 Referenzen 9

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerLinux

≫

Produkt Linux

Default Statusunaffected

Version < bde541a57b4204d0a800afbbd3d1c06c9cdb133f

Version 79ffe6087e9145d2377385cac48d0d6a6b4225a5

Status affected

Version < 7123a4337bf73132bbfb5437e4dc83ba864a9a1e

Version 79ffe6087e9145d2377385cac48d0d6a6b4225a5

Status affected

Version < be5d5d0637fd88c18ee76024bdb22649a1de00d6

Version 79ffe6087e9145d2377385cac48d0d6a6b4225a5

Status affected

Version < 1f800f6aae57d2d8f63d32fff383017cbc11cf65

Version 79ffe6087e9145d2377385cac48d0d6a6b4225a5

Status affected

Version < ccf1ccdc5926907befbe880b562b2a4b5f44c087

Version 79ffe6087e9145d2377385cac48d0d6a6b4225a5

Status affected

Version < f3221361dc85d4de22586ce8441ec2c67b454f5d

Version 79ffe6087e9145d2377385cac48d0d6a6b4225a5

Status affected

Version c8d6817345f4ba228d07380e571676405e112872

Status affected

HerstellerLinux

≫

Produkt Linux

Default Statusaffected

Version 5.4

Status affected

Version < 5.4

Version 0

Status unaffected

Version <= 5.4.*

Version 5.4.235

Status unaffected

Version <= 5.10.*

Version 5.10.173

Status unaffected

Version <= 5.15.*

Version 5.15.100

Status unaffected

Version <= 6.1.*

Version 6.1.18

Status unaffected

Version <= 6.2.*

Version 6.2.5

Status unaffected

Version <= *

Version 6.3

Status unaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.099

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String

Es wurden noch keine Informationen zu CWE veröffentlicht.

https://git.kernel.org/stable/c/bde541a57b4204d0a800afbbd3d1c06c9cdb133f

https://git.kernel.org/stable/c/7123a4337bf73132bbfb5437e4dc83ba864a9a1e

https://git.kernel.org/stable/c/be5d5d0637fd88c18ee76024bdb22649a1de00d6

https://git.kernel.org/stable/c/1f800f6aae57d2d8f63d32fff383017cbc11cf65

https://git.kernel.org/stable/c/ccf1ccdc5926907befbe880b562b2a4b5f44c087

https://git.kernel.org/stable/c/f3221361dc85d4de22586ce8441ec2c67b454f5d

https://nvd.nist.gov/vuln/detail/CVE-2023-54306

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-54306

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-54306

EUVD