CVE-2023-53140
- Source
- https://cve.org/CVERecord?id=CVE-2023-53140
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53140.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-53140
- Downstream
- Related
- Published
- 2025-05-02T15:56:11.666Z
- Modified
- 2026-03-09T23:58:07.540467Z
- Summary
- scsi: core: Remove the /proc/scsi/${proc_name} directory earlier
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
scsi: core: Remove the /proc/scsi/${proc_name} directory earlier
Remove the /proc/scsi/${proc_name} directory earlier to fix a race condition between unloading and reloading kernel modules. This fixes a bug introduced in 2009 by commit 77c019768f06 ("[SCSI] fix /proc memory leak in the SCSI core").
Fix the following kernel warning:
procdirentry 'scsi/scsidebug' already registered WARNING: CPU: 19 PID: 27986 at fs/proc/generic.c:376 procregister+0x27d/0x2e0 Call Trace: procmkdir+0xb5/0xe0 scsiprochostdiradd+0xb5/0x170 scsihostalloc+0x683/0x6c0 sdebugdriverprobe+0x6b/0x2d0 [scsidebug] reallyprobe+0x159/0x540 __driverprobedevice+0xdc/0x230 driverprobedevice+0x4f/0x120 __deviceattachdriver+0xef/0x180 busforeach_drv+0xe5/0x130 __deviceattach+0x127/0x290 deviceinitialprobe+0x17/0x20 busprobedevice+0x110/0x130 deviceadd+0x673/0xc80 deviceregister+0x1e/0x30 sdebugaddhosthelper+0x1a7/0x3b0 [scsidebug] scsidebuginit+0x64f/0x1000 [scsidebug] dooneinitcall+0xd7/0x470 doinitmodule+0xe7/0x330 load_module+0x122a/0x12c0 __dosysfinit_module+0x124/0x1a0 _x64sysfinitmodule+0x46/0x50 dosyscall64+0x38/0x80 entrySYSCALL64afterhwframe+0x46/0xb0
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53140.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/13daafe1e209b03e9bda16ff2bd2b2da145a139b
- https://git.kernel.org/stable/c/17e98a5ede81b7696bec421f7afa2dfe467f5e6b
- https://git.kernel.org/stable/c/1ec363599f8346d5a8d08c71a0d9860d6c420ec0
- https://git.kernel.org/stable/c/6b223e32d66ca9db1f252f433514783d8b22a8e1
- https://git.kernel.org/stable/c/891a3cba425cf483d96facca55aebd6ff1da4338
- https://git.kernel.org/stable/c/e471e928de97b00f297ad1015cc14f9459765713
- https://git.kernel.org/stable/c/fc663711b94468f4e1427ebe289c9f05669699c9
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53140.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-53140
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced77c019768f0607c36e25bec11ce3e1eabef09277Fixed13daafe1e209b03e9bda16ff2bd2b2da145a139bFixed891a3cba425cf483d96facca55aebd6ff1da4338Fixed6b223e32d66ca9db1f252f433514783d8b22a8e1Fixede471e928de97b00f297ad1015cc14f9459765713Fixed17e98a5ede81b7696bec421f7afa2dfe467f5e6bFixed1ec363599f8346d5a8d08c71a0d9860d6c420ec0Fixedfc663711b94468f4e1427ebe289c9f05669699c9