DEBIAN-CVE-2023-53148

Source
https://security-tracker.debian.org/tracker/CVE-2023-53148
Import Source
https://storage.googleapis.com/osv-test-debian-osv/debian-cve-osv/DEBIAN-CVE-2023-53148.json
JSON Data
https://api.test.osv.dev/v1/vulns/DEBIAN-CVE-2023-53148
Upstream
Published
2025-09-15T14:15:37Z
Modified
2025-09-19T07:33:39.515498Z
Summary
[none]
Details

In the Linux kernel, the following vulnerability has been resolved:

igb: Fix igb_down hung on surprise removal

In a setup where a Thunderbolt hub connects to Ethernet and a display through USB Type-C, users may experience a hung task timeout when they remove the cable between the PC and the Thunderbolt hub. This is because the igb_down function is called multiple times when the Thunderbolt hub is unplugged. For example, the igb_io_error_detected triggers the first call, and the igb_remove triggers the second call. The second call to igb_down will block at napi_synchronize. Here's the call trace:

    __schedule+0x3b0/0xddb
    ? __mod_timer+0x164/0x5d3
    schedule+0x44/0xa8
    schedule_timeout+0xb2/0x2a4
    ? run_local_timers+0x4e/0x4e
    msleep+0x31/0x38
    igb_down+0x12c/0x22a [igb 6615058754948bfde0bf01429257eb59f13030d4]
    __igb_close+0x6f/0x9c [igb 6615058754948bfde0bf01429257eb59f13030d4]
    igb_close+0x23/0x2b [igb 6615058754948bfde0bf01429257eb59f13030d4]
    __dev_close_many+0x95/0xec
    dev_close_many+0x6e/0x103
    unregister_netdevice_many+0x105/0x5b1
    unregister_netdevice_queue+0xc2/0x10d
    unregister_netdev+0x1c/0x23
    igb_remove+0xa7/0x11c [igb 6615058754948bfde0bf01429257eb59f13030d4]
    pci_device_remove+0x3f/0x9c
    device_release_driver_internal+0xfe/0x1b4
    pci_stop_bus_device+0x5b/0x7f
    pci_stop_bus_device+0x30/0x7f
    pci_stop_bus_device+0x30/0x7f
    pci_stop_and_remove_bus_device+0x12/0x19
    pciehp_unconfigure_device+0x76/0xe9
    pciehp_disable_slot+0x6e/0x131
    pciehp_handle_presence_or_link_change+0x7a/0x3f7
    pciehp_ist+0xbe/0x194
    irq_thread_fn+0x22/0x4d
    ? irq_thread+0x1fd/0x1fd
    irq_thread+0x17b/0x1fd
    ? irq_forced_thread_fn+0x5f/0x5f
    kthread+0x142/0x153
    ? __irq_get_irqchip_state+0x46/0x46
    ? kthread_associate_blkcg+0x71/0x71
    ret_from_fork+0x1f/0x30

In this case, igb_io_error_detected detaches the network interface and requests a PCIE slot reset, however, the PCIE reset callback is not being invoked and thus the Ethernet connection breaks down. As the PCIE error in this case is a non-fatal one, requesting a slot reset can be avoided.

This patch fixes the task hung issue and preserves Ethernet connection by ignoring non-fatal PCIE errors.

References

Affected packages

Debian:11 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
5.10.191-1

Affected versions

5.*

5.10.46-4
5.10.46-5
5.10.70-1~bpo10+1
5.10.70-1
5.10.84-1
5.10.92-1~bpo10+1
5.10.92-1
5.10.92-2
5.10.103-1~bpo10+1
5.10.103-1
5.10.106-1
5.10.113-1
5.10.120-1~bpo10+1
5.10.120-1
5.10.127-1
5.10.127-2~bpo10+1
5.10.127-2
5.10.136-1
5.10.140-1
5.10.148-1
5.10.149-1
5.10.149-2
5.10.158-1
5.10.158-2
5.10.162-1
5.10.178-1
5.10.178-2
5.10.178-3
5.10.179-1
5.10.179-2
5.10.179-3
5.10.179-4
5.10.179-5

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
6.1.52-1

Affected versions

6.*

6.1.27-1
6.1.37-1
6.1.38-1
6.1.38-2~bpo11+1
6.1.38-2
6.1.38-3
6.1.38-4~bpo11+1
6.1.38-4

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
6.4.11-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:14 / linux

Package

Name
linux
Purl
pkg:deb/debian/linux?arch=source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
6.4.11-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}