DEBIAN-CVE-2023-53759

See a problem?
Please try reporting it to the source first.
Source
https://security-tracker.debian.org/tracker/CVE-2023-53759
Import Source
https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2023-53759.json
JSON Data
https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2023-53759
Upstream
Published
2025-12-08T02:15:51.650Z
Modified
2025-12-08T10:16:26.691574Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved: HID: hidraw: fix data race on device refcount The hidrawopen() function increments the hidraw device reference counter. The counter has no dedicated synchronization mechanism, resulting in a potential data race when concurrently opening a device. The race is a regression introduced by commit 8590222e4b02 ("HID: hidraw: Replace hidraw device table mutex with a rwsem"). While minorsrwsem is intended to protect the hidrawtable itself, by instead acquiring the lock for writing, the reference counter is also protected. This is symmetrical to hidrawrelease().

References

Affected packages

Debian:12 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.1.37-1

Affected versions

6.*

6.1.27-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.3.11-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}

Debian:14 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
6.3.11-1

Ecosystem specific 

{
    "urgency": "not yet assigned"
}