In the Linux kernel, the following vulnerability has been resolved:
vp_vdpa: fix the crash in hot unplug with vp_vdpa
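Unplugging the vp_vdpa device triggers a kernel panic. The root cause is that vdpa_mgmtdev_unregister() accesses the modern device, which causes a use after free, so the sequence in vp_vdpa_remove needs to change. In the trace below, the unregister call made from vp_vdpa_remove ends in a register read (ioread8) that faults on a not-present page.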
[ 195.003359] BUG: unable to handle page fault for address: ff4e8beb80199014
[ 195.004012] #PF: supervisor read access in kernel mode
[ 195.004486] #PF: error_code(0x0000) - not-present page
[ 195.004960] PGD 100000067 P4D 1001b6067 PUD 1001b7067 PMD 1001b8067 PTE 0
[ 195.005578] Oops: 0000 [#1] PREEMPT SMP PTI
[ 195.005968] CPU: 13 PID: 164 Comm: kworker/u56:10 Kdump: loaded Not tainted 5.14.0-252.el9.x86_64 #1
[ 195.006792] Hardware name: Red Hat KVM/RHEL, BIOS edk2-20221207gitfff6d81270b5-2.el9 unknown
[ 195.007556] Workqueue: kacpi_hotplug acpi_hotplug_work_fn
[ 195.008059] RIP: 0010:ioread8+0x31/0x80
[ 195.008418] Code: 77 28 48 81 ff 00 00 01 00 76 0b 89 fa ec 0f b6 c0 c3 cc cc cc cc 8b 15 ad 72 93 01 b8 ff 00 00 00 85 d2 75 0f c3 cc cc cc cc <8a> 07 0f b6 c0 c3 cc cc cc cc 83 ea 01 48 83 ec 08 48 89 fe 48 c7
[ 195.010104] RSP: 0018:ff4e8beb8067bab8 EFLAGS: 00010292
[ 195.010584] RAX: ffffffffc05834a0 RBX: ffffffffc05843c0 RCX: ff4e8beb8067bae0
[ 195.011233] RDX: ff1bcbd580f88000 RSI: 0000000000000246 RDI: ff4e8beb80199014
[ 195.011881] RBP: ff1bcbd587e39000 R08: ffffffff916fa2d0 R09: ff4e8beb8067ba68
[ 195.012527] R10: 000000000000001c R11: 0000000000000000 R12: ff1bcbd5a3de9120
[ 195.013179] R13: ffffffffc062d000 R14: 0000000000000080 R15: ff1bcbe402bc7805
[ 195.013826] FS: 0000000000000000(0000) GS:ff1bcbe402740000(0000) knlGS:0000000000000000
[ 195.014564] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 195.015093] CR2: ff4e8beb80199014 CR3: 0000000107dea002 CR4: 0000000000771ee0
[ 195.015741] PKRU: 55555554
[ 195.016001] Call Trace:
[ 195.016233] <TASK>
[ 195.016434] vp_modern_get_status+0x12/0x20
[ 195.016823] vp_vdpa_reset+0x1b/0x50 [vp_vdpa]
[ 195.017238] virtio_vdpa_reset+0x3c/0x48 [virtio_vdpa]
[ 195.017709] remove_vq_common+0x1f/0x3a0 [virtio_net]
[ 195.018178] virtnet_remove+0x5d/0x70 [virtio_net]
[ 195.018618] virtio_dev_remove+0x3d/0x90
[ 195.018986] device_release_driver_internal+0x1aa/0x230
[ 195.019466] bus_remove_device+0xd8/0x150
[ 195.019841] device_del+0x18b/0x3f0
[ 195.020167] ? kernfs_find_ns+0x35/0xd0
[ 195.020526] device_unregister+0x13/0x60
[ 195.020894] unregister_virtio_device+0x11/0x20
[ 195.021311] device_release_driver_internal+0x1aa/0x230
[ 195.021790] bus_remove_device+0xd8/0x150
[ 195.022162] device_del+0x18b/0x3f0
[ 195.022487] device_unregister+0x13/0x60
[ 195.022852] ? vdpa_dev_remove+0x30/0x30 [vdpa]
[ 195.023270] vp_vdpa_dev_del+0x12/0x20 [vp_vdpa]
[ 195.023694] vdpa_match_remove+0x2b/0x40 [vdpa]
[ 195.024115] bus_for_each_dev+0x78/0xc0
[ 195.024471] vdpa_mgmtdev_unregister+0x65/0x80 [vdpa]
[ 195.024937] vp_vdpa_remove+0x23/0x40 [vp_vdpa]
[ 195.025353] pci_device_remove+0x36/0xa0
[ 195.025719] device_release_driver_internal+0x1aa/0x230
[ 195.026201] pci_stop_bus_device+0x6c/0x90
[ 195.026580] pci_stop_and_remove_bus_device+0xe/0x20
[ 195.027039] disable_slot+0x49/0x90
[ 195.027366] acpiphp_disable_and_eject_slot+0x15/0x90
[ 195.027832] hotplug_event+0xea/0x210
[ 195.028171] ? hotplug_event+0x210/0x210
[ 195.028535] acpiphp_hotplug_notify+0x22/0x80
[ 195.028942] ? hotplug_event+0x210/0x210
[ 195.029303] acpi_device_hotplug+0x8a/0x1d0
[ 195.029690] acpi_hotplug_work_fn+0x1a/0x30
[ 195.030077] process_one_work+0x1e8/0x3c0
[ 195.030451] worker_thread+0x50/0x3b0
[ 195.030791] ? rescuer_thread+0x3a0/0x3a0
[ 195.031165] kthread+0xd9/0x100
[ 195.031459] ? kthread_complete_and_exit+0x20/0x20
[ 195.031899] ret_from_fork+0x22/0x30
[ 195.032233] </TASK>
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53082.json",
"cna_assigner": "Linux"
}[
{
"id": "CVE-2023-53082-4395841d",
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"78144512628690783663781915828863827398",
"188561239033967887431404145149445602092",
"250467505637369112980633323008266985412",
"284821164332747199209705432574961384493",
"46433385436994414291440004203748775577"
]
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@baafa2960731211837d8fc04ff3873ecb7440464",
"signature_type": "Line",
"target": {
"file": "drivers/vdpa/virtio_pci/vp_vdpa.c"
}
},
{
"id": "CVE-2023-53082-50e037fb",
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"78144512628690783663781915828863827398",
"188561239033967887431404145149445602092",
"250467505637369112980633323008266985412",
"284821164332747199209705432574961384493",
"46433385436994414291440004203748775577"
]
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fa1f327f93c9a7310cce9d2fcda28b7af91f7437",
"signature_type": "Line",
"target": {
"file": "drivers/vdpa/virtio_pci/vp_vdpa.c"
}
},
{
"id": "CVE-2023-53082-6809dda7",
"signature_version": "v1",
"digest": {
"function_hash": "288310756974757358111383043110195053542",
"length": 246.0
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@baafa2960731211837d8fc04ff3873ecb7440464",
"signature_type": "Function",
"target": {
"file": "drivers/vdpa/virtio_pci/vp_vdpa.c",
"function": "vp_vdpa_remove"
}
},
{
"id": "CVE-2023-53082-90a4d700",
"signature_version": "v1",
"digest": {
"function_hash": "288310756974757358111383043110195053542",
"length": 246.0
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@aed8efddd39b3434c96718d39009285c52b1cafc",
"signature_type": "Function",
"target": {
"file": "drivers/vdpa/virtio_pci/vp_vdpa.c",
"function": "vp_vdpa_remove"
}
},
{
"id": "CVE-2023-53082-ad440090",
"signature_version": "v1",
"digest": {
"threshold": 0.9,
"line_hashes": [
"78144512628690783663781915828863827398",
"188561239033967887431404145149445602092",
"250467505637369112980633323008266985412",
"284821164332747199209705432574961384493",
"46433385436994414291440004203748775577"
]
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@aed8efddd39b3434c96718d39009285c52b1cafc",
"signature_type": "Line",
"target": {
"file": "drivers/vdpa/virtio_pci/vp_vdpa.c"
}
},
{
"id": "CVE-2023-53082-e35eb87b",
"signature_version": "v1",
"digest": {
"function_hash": "288310756974757358111383043110195053542",
"length": 246.0
},
"deprecated": false,
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@fa1f327f93c9a7310cce9d2fcda28b7af91f7437",
"signature_type": "Function",
"target": {
"file": "drivers/vdpa/virtio_pci/vp_vdpa.c",
"function": "vp_vdpa_remove"
}
}
]
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53082.json"