CVE-2023-54218
- Source
- https://cve.org/CVERecord?id=CVE-2023-54218
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-54218.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-54218
- Downstream
- Related
- Published
- 2025-12-30T12:11:14.059Z
- Modified
- 2026-03-11T07:53:25.650198Z
- Summary
- net: Fix load-tearing on sk->sk_stamp in sock_recv_cmsgs().
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
net: Fix load-tearing on sk->skstamp in sockrecv_cmsgs().
KCSAN found a data race in sockrecvcmsgs() where the read access to sk->skstamp needs READONCE().
BUG: KCSAN: data-race in packetrecvmsg / packetrecvmsg
write (marked) to 0xffff88803c81f258 of 8 bytes by task 19171 on cpu 0: sockwritetimestamp include/net/sock.h:2670 [inline] sockrecvcmsgs include/net/sock.h:2722 [inline] packetrecvmsg+0xb97/0xd00 net/packet/afpacket.c:3489 sockrecvmsgnosec net/socket.c:1019 [inline] sockrecvmsg+0x11a/0x130 net/socket.c:1040 sockreaditer+0x176/0x220 net/socket.c:1118 callreaditer include/linux/fs.h:1845 [inline] newsyncread fs/readwrite.c:389 [inline] vfsread+0x5e0/0x630 fs/readwrite.c:470 ksysread+0x163/0x1a0 fs/readwrite.c:613 __dosysread fs/read_write.c:623 [inline] __sesysread fs/read_write.c:621 [inline] _x64sysread+0x41/0x50 fs/readwrite.c:621 dosyscallx64 arch/x86/entry/common.c:50 [inline] dosyscall64+0x3b/0x90 arch/x86/entry/common.c:80 entrySYSCALL64afterhwframe+0x72/0xdc
read to 0xffff88803c81f258 of 8 bytes by task 19183 on cpu 1: sockrecvcmsgs include/net/sock.h:2721 [inline] packetrecvmsg+0xb64/0xd00 net/packet/afpacket.c:3489 sockrecvmsgnosec net/socket.c:1019 [inline] sockrecvmsg+0x11a/0x130 net/socket.c:1040 sockreaditer+0x176/0x220 net/socket.c:1118 callreaditer include/linux/fs.h:1845 [inline] newsyncread fs/readwrite.c:389 [inline] vfsread+0x5e0/0x630 fs/readwrite.c:470 ksysread+0x163/0x1a0 fs/readwrite.c:613 __dosysread fs/read_write.c:623 [inline] __sesysread fs/read_write.c:621 [inline] _x64sysread+0x41/0x50 fs/readwrite.c:621 dosyscallx64 arch/x86/entry/common.c:50 [inline] dosyscall64+0x3b/0x90 arch/x86/entry/common.c:80 entrySYSCALL64afterhwframe+0x72/0xdc
value changed: 0xffffffffc4653600 -> 0x0000000000000000
Reported by Kernel Concurrency Sanitizer on: CPU: 1 PID: 19183 Comm: syz-executor.5 Not tainted 6.3.0-rc7-02330-gca6270c12e20 #2 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org 04/01/2014
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54218.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/564c3150ad357d571a0de7d8b644aa1f7e6e21b7
- https://git.kernel.org/stable/c/7145f2309d649ad6273b9f66448321b9b4c523c8
- https://git.kernel.org/stable/c/8319220054e5ea5f506d8d4c4b5e234f668ffc3b
- https://git.kernel.org/stable/c/d06f67b2b8dcd00d995c468428b6bccebc5762d8
- https://git.kernel.org/stable/c/d7343f8de019ebb55b2b6ef79b971f6ceb361a99
- https://git.kernel.org/stable/c/de260d1e02cde39d317066835ee6e5234fc9f5a8
- https://git.kernel.org/stable/c/dfd9248c071a3710c24365897459538551cb7167
- https://git.kernel.org/stable/c/fd28692fa182d25e8d26bc1db506648839fde245
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54218.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-54218
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced6c7c98bad4883a4a8710c96b2b44de482865eb6eFixedfd28692fa182d25e8d26bc1db506648839fde245Fixed564c3150ad357d571a0de7d8b644aa1f7e6e21b7Fixedd7343f8de019ebb55b2b6ef79b971f6ceb361a99Fixedd06f67b2b8dcd00d995c468428b6bccebc5762d8Fixedde260d1e02cde39d317066835ee6e5234fc9f5a8Fixed7145f2309d649ad6273b9f66448321b9b4c523c8Fixed8319220054e5ea5f506d8d4c4b5e234f668ffc3bFixeddfd9248c071a3710c24365897459538551cb7167
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced4.12.0Fixed4.14.316
- Type
- ECOSYSTEM
- Events
-
Introduced4.15.0Fixed4.19.284
- Type
- ECOSYSTEM
- Events
-
Introduced4.20.0Fixed5.4.244
- Type
- ECOSYSTEM
- Events
-
Introduced5.5.0Fixed5.10.181
- Type
- ECOSYSTEM
- Events
-
Introduced5.11.0Fixed5.15.113
- Type
- ECOSYSTEM
- Events
-
Introduced5.16.0Fixed6.1.30
- Type
- ECOSYSTEM
- Events
-
Introduced6.2.0Fixed6.3.4