DEBIAN-CVE-2023-53204
- Source
- https://security-tracker.debian.org/tracker/CVE-2023-53204
- Import Source
- https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2023-53204.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2023-53204
- Upstream
- Published
- 2025-09-15T15:15:46Z
- Modified
- 2025-09-19T07:33:40.344036Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: afunix: Fix data-races around user->unixinflight. user->unixinflight is changed under spinlock(unixgclock), but toomanyunixfds() reads it locklessly. Let's annotate the write/read accesses to user->unixinflight. BUG: KCSAN: data-race in unixattachfds / unixinflight write to 0xffffffff8546f2d0 of 8 bytes by task 44798 on cpu 1: unixinflight+0x157/0x180 net/unix/scm.c:66 unixattachfds+0x147/0x1e0 net/unix/scm.c:123 unixscmtoskb net/unix/afunix.c:1827 [inline] unixdgramsendmsg+0x46a/0x14f0 net/unix/afunix.c:1950 unixseqpacketsendmsg net/unix/afunix.c:2308 [inline] unixseqpacketsendmsg+0xba/0x130 net/unix/afunix.c:2292 socksendmsgnosec net/socket.c:725 [inline] socksendmsg+0x148/0x160 net/socket.c:748 _syssendmsg+0x4e4/0x610 net/socket.c:2494 syssendmsg+0xc6/0x140 net/socket.c:2548 syssendmsg+0x94/0x140 net/socket.c:2577 _dosyssendmsg net/socket.c:2586 [inline] _sesyssendmsg net/socket.c:2584 [inline] _x64syssendmsg+0x45/0x50 net/socket.c:2584 dosyscallx64 arch/x86/entry/common.c:50 [inline] dosyscall64+0x3b/0x90 arch/x86/entry/common.c:80 entrySYSCALL64afterhwframe+0x6e/0xd8 read to 0xffffffff8546f2d0 of 8 bytes by task 44814 on cpu 0: toomanyunixfds net/unix/scm.c:101 [inline] unixattachfds+0x54/0x1e0 net/unix/scm.c:110 unixscmtoskb net/unix/afunix.c:1827 [inline] unixdgramsendmsg+0x46a/0x14f0 net/unix/afunix.c:1950 unixseqpacketsendmsg net/unix/afunix.c:2308 [inline] unixseqpacketsendmsg+0xba/0x130 net/unix/afunix.c:2292 socksendmsgnosec net/socket.c:725 [inline] socksendmsg+0x148/0x160 net/socket.c:748 _syssendmsg+0x4e4/0x610 net/socket.c:2494 _syssendmsg+0xc6/0x140 net/socket.c:2548 _syssendmsg+0x94/0x140 net/socket.c:2577 _dosyssendmsg net/socket.c:2586 [inline] _sesyssendmsg net/socket.c:2584 [inline] _x64syssendmsg+0x45/0x50 net/socket.c:2584 dosyscallx64 arch/x86/entry/common.c:50 [inline] dosyscall64+0x3b/0x90 arch/x86/entry/common.c:80 entrySYSCALL64after_hwframe+0x6e/0xd8 value changed: 0x000000000000000c -> 0x000000000000000d Reported by Kernel Concurrency Sanitizer on: CPU: 0 PID: 44814 Comm: systemd-coredum Not tainted 6.4.0-11989-g6843306689af #6 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014
- References
Affected packages
Debian:11 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.10.197-1
Affected versions
5.*
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.1.55-1
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source