CVE-2023-53148

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-53148
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53148.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-53148
Downstream
Related
Published
2025-09-15T14:03:10.395Z
Modified
2026-03-20T12:32:59.264293Z
Summary
igb: Fix igb_down hung on surprise removal
Details

In the Linux kernel, the following vulnerability has been resolved:

igb: Fix igb_down hung on surprise removal

In a setup where a Thunderbolt hub connects to Ethernet and a display through USB Type-C, users may experience a hung task timeout when they remove the cable between the PC and the Thunderbolt hub. This is because the igbdown function is called multiple times when the Thunderbolt hub is unplugged. For example, the igbioerrordetected triggers the first call, and the igbremove triggers the second call. The second call to igbdown will block at napi_synchronize. Here's the call trace: __schedule+0x3b0/0xddb ? __modtimer+0x164/0x5d3 schedule+0x44/0xa8 scheduletimeout+0xb2/0x2a4 ? runlocaltimers+0x4e/0x4e msleep+0x31/0x38 igb_down+0x12c/0x22a [igb 6615058754948bfde0bf01429257eb59f13030d4] __igbclose+0x6f/0x9c [igb 6615058754948bfde0bf01429257eb59f13030d4] igbclose+0x23/0x2b [igb 6615058754948bfde0bf01429257eb59f13030d4] __devclosemany+0x95/0xec devclosemany+0x6e/0x103 unregisternetdevicemany+0x105/0x5b1 unregisternetdevicequeue+0xc2/0x10d unregisternetdev+0x1c/0x23 igbremove+0xa7/0x11c [igb 6615058754948bfde0bf01429257eb59f13030d4] pcideviceremove+0x3f/0x9c devicereleasedriverinternal+0xfe/0x1b4 pcistopbusdevice+0x5b/0x7f pcistopbusdevice+0x30/0x7f pcistopbusdevice+0x30/0x7f pcistopandremovebusdevice+0x12/0x19 pciehpunconfiguredevice+0x76/0xe9 pciehpdisableslot+0x6e/0x131 pciehphandlepresenceorlinkchange+0x7a/0x3f7 pciehpist+0xbe/0x194 irqthreadfn+0x22/0x4d ? irqthread+0x1fd/0x1fd irqthread+0x17b/0x1fd ? irqforcedthreadfn+0x5f/0x5f kthread+0x142/0x153 ? _irqgetirqchipstate+0x46/0x46 ? kthreadassociateblkcg+0x71/0x71 retfromfork+0x1f/0x30

In this case, igbioerror_detected detaches the network interface and requests a PCIE slot reset, however, the PCIE reset callback is not being invoked and thus the Ethernet connection breaks down. As the PCIE error in this case is a non-fatal one, requesting a slot reset can be avoided. This patch fixes the task hung issue and preserves Ethernet connection by ignoring non-fatal PCIE errors.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53148.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
9d5c824399dea881779d78a6c147288bf2dccb6b
Fixed
c2312e1d12b1c3ee4100c173131b102e2aed4d04
Fixed
124e39a734cb90658b8f0dc110847bbfc6e33792
Fixed
c9f56f3c7bc908caa772112d3ae71cdd5d18c257
Fixed
994c2ceb70ea99264ccc6f09e6703ca267dad63c
Fixed
fa92c463eba75dcedbd8d689ffdcb83293aaa0c3
Fixed
39695e87d86f0e7d897fba1d2559f825aa20caeb
Fixed
41f63b72a01c0e0ac59ab83fd2d921fcce0f602d
Fixed
004d25060c78fc31f66da0fa439c544dda1ac9d5

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53148.json"