CVE-2023-53121— tcp: tcp_make_synack() can be called from process context
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2023-53121
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
tcp: tcp_make_synack() can be called from process context
Source: NVD (National Vulnerability Database)
Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: tcp: tcp_make_synack() can be called from process context tcp_rtx_synack() now could be called in process context as explained in 0a375c822497 ("tcp: tcp_rtx_synack() can be called from process context"). tcp_rtx_synack() might call tcp_make_synack(), which will touch per-CPU variables with preemption enabled. This causes the following BUG: BUG: using __this_cpu_add() in preemptible [00000000] code: ThriftIO1/5464 caller is tcp_make_synack+0x841/0xac0 Call Trace: <TASK> dump_stack_lvl+0x10d/0x1a0 check_preemption_disabled+0x104/0x110 tcp_make_synack+0x841/0xac0 tcp_v6_send_synack+0x5c/0x450 tcp_rtx_synack+0xeb/0x1f0 inet_rtx_syn_ack+0x34/0x60 tcp_check_req+0x3af/0x9e0 tcp_rcv_state_process+0x59b/0x2030 tcp_v6_do_rcv+0x5f5/0x700 release_sock+0x3a/0xf0 tcp_sendmsg+0x33/0x40 ____sys_sendmsg+0x2f2/0x490 __sys_sendmsg+0x184/0x230 do_syscall_64+0x3d/0x90 Avoid calling __TCP_INC_STATS() with will touch per-cpu variables. Use TCP_INC_STATS() which is safe to be called from context switch.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Linux kernel 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于tcp_make_synack在进程上下文中访问每CPU变量时未禁用抢占。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
II. Public POCs for CVE-2023-53121
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2023-53121
请登录查看更多情报信息。
Same Patch Batch · Linux · 2025-05-02 · 107 CVEs total
| CVE-2023-53100 | ext4: fix WARNING in ext4_update_inline_data | |
| CVE-2023-53114 | i40e: Fix kernel crash during reboot when adapter is in recovery mode | |
| CVE-2023-53112 | drm/i915/sseu: fix max_subslices array-index-out-of-bounds access | |
| CVE-2023-53113 | wifi: nl80211: fix NULL-ptr deref in offchan check | |
| CVE-2023-53111 | loop: Fix use-after-free issues | |
| CVE-2023-53109 | net: tunnels: annotate lockless accesses to dev->needed_headroom | |
| CVE-2023-53110 | net/smc: fix NULL sndbuf_desc in smc_cdc_tx_handler() | |
| CVE-2023-53108 | net/iucv: Fix size of interrupt data | |
| CVE-2023-53106 | nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition | |
| CVE-2023-53107 | veth: Fix use after free in XDP_REDIRECT | |
| CVE-2023-53105 | net/mlx5e: Fix cleanup null-ptr deref on encap lock | |
| CVE-2023-53103 | bonding: restore bond's IFF_SLAVE flag if a non-eth dev enslave fails | |
| CVE-2023-53101 | ext4: zero i_disksize when initializing the bootloader inode | |
| CVE-2023-53102 | ice: xsk: disable txq irq before flushing hw | |
| CVE-2023-53090 | drm/amdkfd: Fix an illegal memory access | |
| CVE-2023-53092 | interconnect: exynos: fix node leak in probe PM QoS error path | |
| CVE-2023-53093 | tracing: Do not let histogram values have some modifiers | |
| CVE-2023-53091 | ext4: update s_journal_inum if it changes after journal replay | |
| CVE-2023-53094 | tty: serial: fsl_lpuart: fix race on RX DMA shutdown | |
| CVE-2023-53089 | ext4: fix task hung in ext4_xattr_delete_inode |
Showing top 20 of 107 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same product: Linux
- CVE-2026-43500
rxrpc: Also unshare DATA/RESPONSE packets when paged frags a - CVE-2026-43475
scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT - CVE-2026-43474
fs: init flags_valid before calling vfs_fileattr_get - CVE-2026-43473
scsi: mpi3mr: Add NULL checks when resetting request and rep - CVE-2026-43472
unshare: fix unshare_fs() handling
Same vendor: Linux
- CVE-2026-43500
rxrpc: Also unshare DATA/RESPONSE packets when paged frags a - CVE-2026-43475
scsi: storvsc: Fix scheduling while atomic on PREEMPT_RT - CVE-2026-43474
fs: init flags_valid before calling vfs_fileattr_get - CVE-2026-43473
scsi: mpi3mr: Add NULL checks when resetting request and rep - CVE-2026-43472
unshare: fix unshare_fs() handling
V. Comments for CVE-2023-53121
No comments yet