CVE-2023-53109
- Source
- https://cve.org/CVERecord?id=CVE-2023-53109
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53109.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-53109
- Downstream
- Related
- Published
- 2025-05-02T15:55:49.654Z
- Modified
- 2026-03-20T12:32:58.270909Z
- Summary
- net: tunnels: annotate lockless accesses to dev->needed_headroom
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
net: tunnels: annotate lockless accesses to dev->needed_headroom
IP tunnels can apparently update dev->needed_headroom in their xmit path.
This patch takes care of three tunnels xmit, and also the core LLRESERVEDSPACE() and LLRESERVEDSPACE_EXTRA() helpers.
More changes might be needed for completeness.
BUG: KCSAN: data-race in iptunnelxmit / iptunnelxmit
read to 0xffff88815b9da0ec of 2 bytes by task 888 on cpu 1: iptunnelxmit+0x1270/0x1730 net/ipv4/ip_tunnel.c:803 __grexmit net/ipv4/ipgre.c:469 [inline] ipgrexmit+0x516/0x570 net/ipv4/ipgre.c:661 __netdevstartxmit include/linux/netdevice.h:4881 [inline] netdevstartxmit include/linux/netdevice.h:4895 [inline] xmitone net/core/dev.c:3580 [inline] devhardstartxmit+0x127/0x400 net/core/dev.c:3596 __devqueuexmit+0x1007/0x1eb0 net/core/dev.c:4246 devqueuexmit include/linux/netdevice.h:3051 [inline] neighdirectoutput+0x17/0x20 net/core/neighbour.c:1623 neighoutput include/net/neighbour.h:546 [inline] ipfinishoutput2+0x740/0x840 net/ipv4/ipoutput.c:228 ipfinishoutput+0xf4/0x240 net/ipv4/ipoutput.c:316 NFHOOKCOND include/linux/netfilter.h:291 [inline] ipoutput+0xe5/0x1b0 net/ipv4/ipoutput.c:430 dstoutput include/net/dst.h:444 [inline] iplocalout+0x64/0x80 net/ipv4/ipoutput.c:126 iptunnelxmit+0x34a/0x4b0 net/ipv4/iptunnelcore.c:82 iptunnelxmit+0x1451/0x1730 net/ipv4/ip_tunnel.c:813 __grexmit net/ipv4/ipgre.c:469 [inline] ipgrexmit+0x516/0x570 net/ipv4/ipgre.c:661 __netdevstartxmit include/linux/netdevice.h:4881 [inline] netdevstartxmit include/linux/netdevice.h:4895 [inline] xmitone net/core/dev.c:3580 [inline] devhardstartxmit+0x127/0x400 net/core/dev.c:3596 __devqueuexmit+0x1007/0x1eb0 net/core/dev.c:4246 devqueuexmit include/linux/netdevice.h:3051 [inline] neighdirectoutput+0x17/0x20 net/core/neighbour.c:1623 neighoutput include/net/neighbour.h:546 [inline] ipfinishoutput2+0x740/0x840 net/ipv4/ipoutput.c:228 ipfinishoutput+0xf4/0x240 net/ipv4/ipoutput.c:316 NFHOOKCOND include/linux/netfilter.h:291 [inline] ipoutput+0xe5/0x1b0 net/ipv4/ipoutput.c:430 dstoutput include/net/dst.h:444 [inline] iplocalout+0x64/0x80 net/ipv4/ipoutput.c:126 iptunnelxmit+0x34a/0x4b0 net/ipv4/iptunnelcore.c:82 iptunnelxmit+0x1451/0x1730 net/ipv4/ip_tunnel.c:813 __grexmit net/ipv4/ipgre.c:469 [inline] ipgrexmit+0x516/0x570 net/ipv4/ipgre.c:661 __netdevstartxmit include/linux/netdevice.h:4881 [inline] netdevstartxmit include/linux/netdevice.h:4895 [inline] xmitone net/core/dev.c:3580 [inline] devhardstartxmit+0x127/0x400 net/core/dev.c:3596 __devqueuexmit+0x1007/0x1eb0 net/core/dev.c:4246 devqueuexmit include/linux/netdevice.h:3051 [inline] neighdirectoutput+0x17/0x20 net/core/neighbour.c:1623 neighoutput include/net/neighbour.h:546 [inline] ipfinishoutput2+0x740/0x840 net/ipv4/ipoutput.c:228 ipfinishoutput+0xf4/0x240 net/ipv4/ipoutput.c:316 NFHOOKCOND include/linux/netfilter.h:291 [inline] ipoutput+0xe5/0x1b0 net/ipv4/ipoutput.c:430 dstoutput include/net/dst.h:444 [inline] iplocalout+0x64/0x80 net/ipv4/ipoutput.c:126 iptunnelxmit+0x34a/0x4b0 net/ipv4/iptunnelcore.c:82 iptunnelxmit+0x1451/0x1730 net/ipv4/ip_tunnel.c:813 __grexmit net/ipv4/ipgre.c:469 [inline] ipgrexmit+0x516/0x570 net/ipv4/ipgre.c:661 __netdevstartxmit include/linux/netdevice.h:4881 [inline] netdevstartxmit include/linux/netdevice.h:4895 [inline] xmitone net/core/dev.c:3580 [inline] devhardstartxmit+0x127/0x400 net/core/dev.c:3596 __devqueuexmit+0x1007/0x1eb0 net/core/dev.c:4246 devqueuexmit include/linux/netdevice.h:3051 [inline] neighdirectoutput+0x17/0x20 net/core/neighbour.c:1623 neighoutput include/net/neighbour.h:546 [inline] ipfinishoutput2+0x740/0x840 net/ipv4/ipoutput.c:228 ipfinishoutput+0xf4/0x240 net/ipv4/ipoutput.c:316 NFHOOKCOND include/linux/netfilter.h:291 [inline] ipoutput+0xe5/0x1b0 net/i ---truncated---
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53109.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/4b397c06cb987935b1b097336532aa6b4210e091
- https://git.kernel.org/stable/c/51f3bd3765bc5ca4583af07a00833da00d2ace1d
- https://git.kernel.org/stable/c/5aaab217c8f5387b9c5fff9e940d80f135e04366
- https://git.kernel.org/stable/c/8e206f66d824b3b28a7f9ee1366dfc79a937bb46
- https://git.kernel.org/stable/c/9b86a8702b042ee4e15d2d46375be873a6a8834f
- https://git.kernel.org/stable/c/a69b72b57b7d269e833e520ba7500d556e8189b6
- https://git.kernel.org/stable/c/be59b87ee4aed81db7c10e44f603866a0ac3ca5d
- https://git.kernel.org/stable/c/e0a557fc1daf5c1086e47150a4571aebadbb62be
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53109.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-53109
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced8eb30be0352d09165e94a41fef1c7b994dca0714Fixed8e206f66d824b3b28a7f9ee1366dfc79a937bb46Fixed51f3bd3765bc5ca4583af07a00833da00d2ace1dFixed5aaab217c8f5387b9c5fff9e940d80f135e04366Fixedbe59b87ee4aed81db7c10e44f603866a0ac3ca5dFixede0a557fc1daf5c1086e47150a4571aebadbb62beFixeda69b72b57b7d269e833e520ba7500d556e8189b6Fixed9b86a8702b042ee4e15d2d46375be873a6a8834fFixed4b397c06cb987935b1b097336532aa6b4210e091