CVE-2023-53204
- Source
- https://cve.org/CVERecord?id=CVE-2023-53204
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53204.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-53204
- Downstream
- Related
- Published
- 2025-09-15T14:21:32.696Z
- Modified
- 2026-03-20T12:33:01.301044Z
- Summary
- af_unix: Fix data-races around user->unix_inflight.
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
afunix: Fix data-races around user->unixinflight.
user->unixinflight is changed under spinlock(unixgclock), but toomanyunix_fds() reads it locklessly.
Let's annotate the write/read accesses to user->unix_inflight.
BUG: KCSAN: data-race in unixattachfds / unix_inflight
write to 0xffffffff8546f2d0 of 8 bytes by task 44798 on cpu 1: unixinflight+0x157/0x180 net/unix/scm.c:66 unixattachfds+0x147/0x1e0 net/unix/scm.c:123 unixscmtoskb net/unix/afunix.c:1827 [inline] unixdgramsendmsg+0x46a/0x14f0 net/unix/afunix.c:1950 unixseqpacketsendmsg net/unix/afunix.c:2308 [inline] unixseqpacketsendmsg+0xba/0x130 net/unix/afunix.c:2292 socksendmsgnosec net/socket.c:725 [inline] sock_sendmsg+0x148/0x160 net/socket.c:748 ____sys_sendmsg+0x4e4/0x610 net/socket.c:2494 ___sys_sendmsg+0xc6/0x140 net/socket.c:2548 __sys_sendmsg+0x94/0x140 net/socket.c:2577 __dosyssendmsg net/socket.c:2586 [inline] __sesyssendmsg net/socket.c:2584 [inline] __x64syssendmsg+0x45/0x50 net/socket.c:2584 dosyscallx64 arch/x86/entry/common.c:50 [inline] dosyscall64+0x3b/0x90 arch/x86/entry/common.c:80 entrySYSCALL64afterhwframe+0x6e/0xd8
read to 0xffffffff8546f2d0 of 8 bytes by task 44814 on cpu 0: toomanyunixfds net/unix/scm.c:101 [inline] unixattachfds+0x54/0x1e0 net/unix/scm.c:110 unixscmtoskb net/unix/afunix.c:1827 [inline] unixdgramsendmsg+0x46a/0x14f0 net/unix/afunix.c:1950 unixseqpacketsendmsg net/unix/afunix.c:2308 [inline] unixseqpacketsendmsg+0xba/0x130 net/unix/afunix.c:2292 socksendmsgnosec net/socket.c:725 [inline] sock_sendmsg+0x148/0x160 net/socket.c:748 ____sys_sendmsg+0x4e4/0x610 net/socket.c:2494 ___sys_sendmsg+0xc6/0x140 net/socket.c:2548 __sys_sendmsg+0x94/0x140 net/socket.c:2577 __dosyssendmsg net/socket.c:2586 [inline] __sesyssendmsg net/socket.c:2584 [inline] __x64syssendmsg+0x45/0x50 net/socket.c:2584 dosyscallx64 arch/x86/entry/common.c:50 [inline] dosyscall64+0x3b/0x90 arch/x86/entry/common.c:80 entrySYSCALL64afterhwframe+0x6e/0xd8
value changed: 0x000000000000000c -> 0x000000000000000d
Reported by Kernel Concurrency Sanitizer on: CPU: 0 PID: 44814 Comm: systemd-coredum Not tainted 6.4.0-11989-g6843306689af #6 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53204.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/03d133dfbcec9d439729cc64706c7eb6d1663a24
- https://git.kernel.org/stable/c/0bc36c0650b21df36fbec8136add83936eaf0607
- https://git.kernel.org/stable/c/9151ed4b006125cba7c06c79df504340ea4e9386
- https://git.kernel.org/stable/c/ac92f239a079678a035c0faad9089354a874aede
- https://git.kernel.org/stable/c/adcf4e069358cdee8593663650ea447215a1c49e
- https://git.kernel.org/stable/c/b401d7e485b0a234cf8fe9a6ae99dbcd20863138
- https://git.kernel.org/stable/c/b9cdbb38e030fc2fe97fe27b54cbb6b4fbff250f
- https://git.kernel.org/stable/c/df97b5ea9f3ac9308c3a633524dab382cd59d9e5
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53204.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-53204
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced712f4aad406bb1ed67f3f98d04c044191f0ff593Fixeddf97b5ea9f3ac9308c3a633524dab382cd59d9e5Fixed03d133dfbcec9d439729cc64706c7eb6d1663a24Fixedadcf4e069358cdee8593663650ea447215a1c49eFixedb401d7e485b0a234cf8fe9a6ae99dbcd20863138Fixed9151ed4b006125cba7c06c79df504340ea4e9386Fixedb9cdbb38e030fc2fe97fe27b54cbb6b4fbff250fFixedac92f239a079678a035c0faad9089354a874aedeFixed0bc36c0650b21df36fbec8136add83936eaf0607
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affecteda5a6cf8c405e826ff7ed1308dde72560c0ed4854Last affecteddf87da0783c4492b944badfea9d5c3c56b834697Last affected3d024dcef2548028e9f9b7876a544e6e0af00175Last affectedaa51d1c24ec3b6605f7cc7ef500c96cd71d7ef90Last affecteda5b9e44af8d3edaf49d14a91cc519a9fba439e67Last affecteddc6b0ec667f67d4768e72c1b7f1bbc14ea52379cLast affected9b8b611fe0f86f07a4ff4a5f3bcb0ea7ceb7da3bLast affected5e226f9689d90ad8ab21b4a969ae3058777f0aff