CVE-2023-53133
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2023-53133
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53133.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-53133
- Downstream
- Published
- 2025-05-02T15:56:06Z
- Modified
- 2025-10-15T15:14:18.003882Z
- Summary
- bpf, sockmap: Fix an infinite loop error when len is 0 in tcp_bpf_recvmsg_parser()
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
bpf, sockmap: Fix an infinite loop error when len is 0 in tcpbpfrecvmsg_parser()
When the buffer length of the recvmsg system call is 0, we got the flollowing soft lockup problem:
watchdog: BUG: soft lockup - CPU#3 stuck for 27s! [a.out:6149] CPU: 3 PID: 6149 Comm: a.out Kdump: loaded Not tainted 6.2.0+ #30 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014 RIP: 0010:removewaitqueue+0xb/0xc0 Code: 5e 41 5f c3 cc cc cc cc 0f 1f 80 00 00 00 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 0f 1f 44 00 00 41 57 <41> 56 41 55 41 54 55 48 89 fd 53 48 89 f3 4c 8d 6b 18 4c 8d 73 20 RSP: 0018:ffff88811b5978b8 EFLAGS: 00000246 RAX: 0000000000000000 RBX: ffff88811a7d3780 RCX: ffffffffb7a4d768 RDX: dffffc0000000000 RSI: ffff88811b597908 RDI: ffff888115408040 RBP: 1ffff110236b2f1b R08: 0000000000000000 R09: ffff88811a7d37e7 R10: ffffed10234fa6fc R11: 0000000000000001 R12: ffff88811179b800 R13: 0000000000000001 R14: ffff88811a7d38a8 R15: ffff88811a7d37e0 FS: 00007f6fb5398740(0000) GS:ffff888237180000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000020000000 CR3: 000000010b6ba002 CR4: 0000000000370ee0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <TASK> tcpmsgwaitdata+0x279/0x2f0 tcpbpfrecvmsgparser+0x3c6/0x490 inetrecvmsg+0x280/0x290 sockrecvmsg+0xfc/0x120 _sysrecvmsg+0x160/0x3d0 sysrecvmsg+0xf0/0x180 _sysrecvmsg+0xea/0x1a0 dosyscall64+0x3f/0x90 entrySYSCALL64afterhwframe+0x72/0xdc
The logic in tcpbpfrecvmsg_parser is as follows:
msgbytesready: copied = skmsgrecvmsg(sk, psock, msg, len, flags); if (!copied) { wait data; goto msgbytesready; }
In this case, "copied" always is 0, the infinite loop occurs.
According to the Linux system call man page, 0 should be returned in this case. Therefore, in tcpbpfrecvmsg_parser(), if the length is 0, directly return. Also modify several other functions with the same problem.
- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/4a476285f6d2921c3c9faa494eab83b78f78fc55
- https://git.kernel.org/stable/c/bf0579989de64d36e177c0611c685dc4a91457a7
- https://git.kernel.org/stable/c/d900f3d20cc3169ce42ec72acc850e662a4d4db2
- https://git.kernel.org/stable/c/f45cf3ae3068e70e2c7f3e24a7f8e8aa99511f03
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced604326b41a6fb9b4a78b6179335decee0365cd8cFixed4a476285f6d2921c3c9faa494eab83b78f78fc55
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced604326b41a6fb9b4a78b6179335decee0365cd8cFixedf45cf3ae3068e70e2c7f3e24a7f8e8aa99511f03
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced604326b41a6fb9b4a78b6179335decee0365cd8cFixedbf0579989de64d36e177c0611c685dc4a91457a7
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced604326b41a6fb9b4a78b6179335decee0365cd8cFixedd900f3d20cc3169ce42ec72acc850e662a4d4db2
Affected versions
v4.*
v4.19
v4.19-rc7
v4.19-rc8
v4.20
v4.20-rc1
v4.20-rc2
v4.20-rc3
v4.20-rc4
v4.20-rc5
v4.20-rc6
v4.20-rc7
v5.*
v5.0
v5.0-rc1
v5.0-rc2
v5.0-rc3
v5.0-rc4
v5.0-rc5
v5.0-rc6
v5.0-rc7
v5.0-rc8
v5.1
v5.1-rc1
v5.1-rc2
v5.1-rc3
v5.1-rc4
v5.1-rc5
v5.1-rc6
v5.1-rc7
v5.10
v5.10-rc1
v5.10-rc2
v5.10-rc3
v5.10-rc4
v5.10-rc5
v5.10-rc6
v5.10-rc7
v5.11
v5.11-rc1
v5.11-rc2
v5.11-rc3
v5.11-rc4
v5.11-rc5
v5.11-rc6
v5.11-rc7
v5.12
v5.12-rc1
v5.12-rc1-dontuse
v5.12-rc2
v5.12-rc3
v5.12-rc4
v5.12-rc5
v5.12-rc6
v5.12-rc7
v5.12-rc8
v5.13
v5.13-rc1
v5.13-rc2
v5.13-rc3
v5.13-rc4
v5.13-rc5
v5.13-rc6
v5.13-rc7
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.15.1
v5.15.10
v5.15.100
v5.15.101
v5.15.102
v5.15.11
v5.15.12
v5.15.13
v5.15.14
v5.15.15
v5.15.16
v5.15.17
v5.15.18
v5.15.19
v5.15.2
v5.15.20
v5.15.21
v5.15.22
v5.15.23
v5.15.24
v5.15.25
v5.15.26
v5.15.27
v5.15.28
v5.15.29
v5.15.3
v5.15.30
v5.15.31
v5.15.32
v5.15.33
v5.15.34
v5.15.35
v5.15.36
v5.15.37
v5.15.38
v5.15.39
v5.15.4
v5.15.40
v5.15.41
v5.15.42
v5.15.43
v5.15.44
v5.15.45
v5.15.46
v5.15.47
v5.15.48
v5.15.49
v5.15.5
v5.15.50
v5.15.51
v5.15.52
v5.15.53
v5.15.54
v5.15.55
v5.15.56
v5.15.57
v5.15.58
v5.15.59
v5.15.6
v5.15.60
v5.15.61
v5.15.62
v5.15.63
v5.15.64
v5.15.65
v5.15.66
v5.15.67
v5.15.68
v5.15.69
v5.15.7
v5.15.70
v5.15.71
v5.15.72
v5.15.73
v5.15.74
v5.15.75
v5.15.76
v5.15.77
v5.15.78
v5.15.79
v5.15.8
v5.15.80
v5.15.81
v5.15.82
v5.15.83
v5.15.84
v5.15.85
v5.15.86
v5.15.87
v5.15.88
v5.15.89
v5.15.9
v5.15.90
v5.15.91
v5.15.92
v5.15.93
v5.15.94
v5.15.95
v5.15.96
v5.15.97
v5.15.98
v5.15.99
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v5.2
v5.2-rc1
v5.2-rc2
v5.2-rc3
v5.2-rc4
v5.2-rc5
v5.2-rc6
v5.2-rc7
v5.3
v5.3-rc1
v5.3-rc2
v5.3-rc3
v5.3-rc4
v5.3-rc5
v5.3-rc6
v5.3-rc7
v5.3-rc8
v5.4
v5.4-rc1
v5.4-rc2
v5.4-rc3
v5.4-rc4
v5.4-rc5
v5.4-rc6
v5.4-rc7
v5.4-rc8
v5.5
v5.5-rc1
v5.5-rc2
v5.5-rc3
v5.5-rc4
v5.5-rc5
v5.5-rc6
v5.5-rc7
v5.6
v5.6-rc1
v5.6-rc2
v5.6-rc3
v5.6-rc4
v5.6-rc5
v5.6-rc6
v5.6-rc7
v5.7
v5.7-rc1
v5.7-rc2
v5.7-rc3
v5.7-rc4
v5.7-rc5
v5.7-rc6
v5.7-rc7
v5.8
v5.8-rc1
v5.8-rc2
v5.8-rc3
v5.8-rc4
v5.8-rc5
v5.8-rc6
v5.8-rc7
v5.9
v5.9-rc1
v5.9-rc2
v5.9-rc3
v5.9-rc4
v5.9-rc5
v5.9-rc6
v5.9-rc7
v5.9-rc8
v6.*
v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.1.1
v6.1.10
v6.1.11
v6.1.12
v6.1.13
v6.1.14
v6.1.15
v6.1.16
v6.1.17
v6.1.18
v6.1.19
v6.1.2
v6.1.3
v6.1.4
v6.1.5
v6.1.6
v6.1.7
v6.1.8
v6.1.9
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.2.1
v6.2.2
v6.2.3
v6.2.4
v6.2.5
v6.2.6
Database specific
vanir_signatures
[
{
"id": "CVE-2023-53133-1b8a7341",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "net/ipv4/tcp_bpf.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f45cf3ae3068e70e2c7f3e24a7f8e8aa99511f03",
"signature_type": "Line",
"digest": {
"line_hashes": [
"119348215406133859418116062704674202253",
"248242197927243952981694504725271913650",
"88317464986688606779843997016444049453",
"2469246664104793938131416359256952415",
"248242197927243952981694504725271913650",
"88317464986688606779843997016444049453"
],
"threshold": 0.9
}
},
{
"id": "CVE-2023-53133-201119f4",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "net/ipv4/tcp_bpf.c",
"function": "tcp_bpf_recvmsg"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bf0579989de64d36e177c0611c685dc4a91457a7",
"signature_type": "Function",
"digest": {
"length": 990.0,
"function_hash": "206788411346960780601354895297914592559"
}
},
{
"id": "CVE-2023-53133-2a9752bf",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "net/ipv4/udp_bpf.c",
"function": "udp_bpf_recvmsg"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d900f3d20cc3169ce42ec72acc850e662a4d4db2",
"signature_type": "Function",
"digest": {
"length": 853.0,
"function_hash": "238163351252264516394050142086350372753"
}
},
{
"id": "CVE-2023-53133-38c8db77",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "net/unix/unix_bpf.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f45cf3ae3068e70e2c7f3e24a7f8e8aa99511f03",
"signature_type": "Line",
"digest": {
"line_hashes": [
"270026086286472646038916042462540980835",
"147034645154321740165290866314761591992",
"645763165599479276005444783540521470"
],
"threshold": 0.9
}
},
{
"id": "CVE-2023-53133-3c7ceae1",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "net/ipv4/udp_bpf.c",
"function": "udp_bpf_recvmsg"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f45cf3ae3068e70e2c7f3e24a7f8e8aa99511f03",
"signature_type": "Function",
"digest": {
"length": 853.0,
"function_hash": "238163351252264516394050142086350372753"
}
},
{
"id": "CVE-2023-53133-3dcac149",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "net/ipv4/tcp_bpf.c",
"function": "tcp_bpf_recvmsg"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d900f3d20cc3169ce42ec72acc850e662a4d4db2",
"signature_type": "Function",
"digest": {
"length": 990.0,
"function_hash": "206788411346960780601354895297914592559"
}
},
{
"id": "CVE-2023-53133-420092de",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "net/ipv4/tcp_bpf.c",
"function": "tcp_bpf_recvmsg_parser"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f45cf3ae3068e70e2c7f3e24a7f8e8aa99511f03",
"signature_type": "Function",
"digest": {
"length": 1054.0,
"function_hash": "11441715296483397234669763624517268465"
}
},
{
"id": "CVE-2023-53133-5757f451",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "net/ipv4/tcp_bpf.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d900f3d20cc3169ce42ec72acc850e662a4d4db2",
"signature_type": "Line",
"digest": {
"line_hashes": [
"119348215406133859418116062704674202253",
"248242197927243952981694504725271913650",
"88317464986688606779843997016444049453",
"2469246664104793938131416359256952415",
"248242197927243952981694504725271913650",
"88317464986688606779843997016444049453"
],
"threshold": 0.9
}
},
{
"id": "CVE-2023-53133-61a24392",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "net/ipv4/udp_bpf.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f45cf3ae3068e70e2c7f3e24a7f8e8aa99511f03",
"signature_type": "Line",
"digest": {
"line_hashes": [
"2469246664104793938131416359256952415",
"248242197927243952981694504725271913650",
"72769051735560905175768918780850280006"
],
"threshold": 0.9
}
},
{
"id": "CVE-2023-53133-674f57c5",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "net/ipv4/tcp_bpf.c",
"function": "tcp_bpf_recvmsg"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f45cf3ae3068e70e2c7f3e24a7f8e8aa99511f03",
"signature_type": "Function",
"digest": {
"length": 990.0,
"function_hash": "206788411346960780601354895297914592559"
}
},
{
"id": "CVE-2023-53133-6a541f35",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "net/ipv4/udp_bpf.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d900f3d20cc3169ce42ec72acc850e662a4d4db2",
"signature_type": "Line",
"digest": {
"line_hashes": [
"2469246664104793938131416359256952415",
"248242197927243952981694504725271913650",
"72769051735560905175768918780850280006"
],
"threshold": 0.9
}
},
{
"id": "CVE-2023-53133-73bb0521",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "net/ipv4/tcp_bpf.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bf0579989de64d36e177c0611c685dc4a91457a7",
"signature_type": "Line",
"digest": {
"line_hashes": [
"119348215406133859418116062704674202253",
"248242197927243952981694504725271913650",
"88317464986688606779843997016444049453",
"2469246664104793938131416359256952415",
"248242197927243952981694504725271913650",
"88317464986688606779843997016444049453"
],
"threshold": 0.9
}
},
{
"id": "CVE-2023-53133-9933cbb3",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "net/ipv4/tcp_bpf.c",
"function": "tcp_bpf_recvmsg_parser"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bf0579989de64d36e177c0611c685dc4a91457a7",
"signature_type": "Function",
"digest": {
"length": 1054.0,
"function_hash": "11441715296483397234669763624517268465"
}
},
{
"id": "CVE-2023-53133-9cba7793",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "net/unix/unix_bpf.c",
"function": "unix_bpf_recvmsg"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@f45cf3ae3068e70e2c7f3e24a7f8e8aa99511f03",
"signature_type": "Function",
"digest": {
"length": 951.0,
"function_hash": "187032837152796223097998284553928440238"
}
},
{
"id": "CVE-2023-53133-ae5f242e",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "net/unix/unix_bpf.c",
"function": "unix_bpf_recvmsg"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d900f3d20cc3169ce42ec72acc850e662a4d4db2",
"signature_type": "Function",
"digest": {
"length": 951.0,
"function_hash": "187032837152796223097998284553928440238"
}
},
{
"id": "CVE-2023-53133-c1de526f",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "net/ipv4/udp_bpf.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bf0579989de64d36e177c0611c685dc4a91457a7",
"signature_type": "Line",
"digest": {
"line_hashes": [
"2469246664104793938131416359256952415",
"248242197927243952981694504725271913650",
"72769051735560905175768918780850280006"
],
"threshold": 0.9
}
},
{
"id": "CVE-2023-53133-c56f0733",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "net/unix/unix_bpf.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bf0579989de64d36e177c0611c685dc4a91457a7",
"signature_type": "Line",
"digest": {
"line_hashes": [
"270026086286472646038916042462540980835",
"147034645154321740165290866314761591992",
"645763165599479276005444783540521470"
],
"threshold": 0.9
}
},
{
"id": "CVE-2023-53133-da07c90f",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "net/unix/unix_bpf.c",
"function": "unix_bpf_recvmsg"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bf0579989de64d36e177c0611c685dc4a91457a7",
"signature_type": "Function",
"digest": {
"length": 951.0,
"function_hash": "187032837152796223097998284553928440238"
}
},
{
"id": "CVE-2023-53133-dbfd2489",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "net/ipv4/udp_bpf.c",
"function": "udp_bpf_recvmsg"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@bf0579989de64d36e177c0611c685dc4a91457a7",
"signature_type": "Function",
"digest": {
"length": 853.0,
"function_hash": "238163351252264516394050142086350372753"
}
},
{
"id": "CVE-2023-53133-e5a0d59f",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "net/ipv4/tcp_bpf.c",
"function": "tcp_bpf_recvmsg_parser"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d900f3d20cc3169ce42ec72acc850e662a4d4db2",
"signature_type": "Function",
"digest": {
"length": 1054.0,
"function_hash": "11441715296483397234669763624517268465"
}
},
{
"id": "CVE-2023-53133-fbcce283",
"signature_version": "v1",
"deprecated": false,
"target": {
"file": "net/unix/unix_bpf.c"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@d900f3d20cc3169ce42ec72acc850e662a4d4db2",
"signature_type": "Line",
"digest": {
"line_hashes": [
"270026086286472646038916042462540980835",
"147034645154321740165290866314761591992",
"645763165599479276005444783540521470"
],
"threshold": 0.9
}
}
]