In the Linux kernel, the following vulnerability has been resolved:
rcu-tasks: Avoid pr_info() with spin lock in cblist_init_generic()
pr_info() is called with the rtp->cbs_gbl_lock spin lock locked. Because pr_info() calls printk(), which might sleep, this will result in a BUG like the one below:
[    0.206455] cblist_init_generic: Setting adjustable number of callback queues.
[    0.206463]
[    0.206464] =============================
[    0.206464] [ BUG: Invalid wait context ]
[    0.206465] 5.19.0-00428-g9de1f9c8ca51 #5 Not tainted
[    0.206466] -----------------------------
[    0.206466] swapper/0/1 is trying to lock:
[    0.206467] ffffffffa0167a58 (&port_lock_key){....}-{3:3}, at: serial8250_console_write+0x327/0x4a0
[    0.206473] other info that might help us debug this:
[    0.206473] context-{5:5}
[    0.206474] 3 locks held by swapper/0/1:
[    0.206474]  #0: ffffffff9eb597e0 (rcu_tasks.cbs_gbl_lock){....}-{2:2}, at: cblist_init_generic.constprop.0+0x14/0x1f0
[    0.206478]  #1: ffffffff9eb579c0 (console_lock){+.+.}-{0:0}, at: _printk+0x63/0x7e
[    0.206482]  #2: ffffffff9ea77780 (console_owner){....}-{0:0}, at: console_emit_next_record.constprop.0+0x111/0x330
[    0.206485] stack backtrace:
[    0.206486] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.19.0-00428-g9de1f9c8ca51 #5
[    0.206488] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.0-1.fc36 04/01/2014
[    0.206489] Call Trace:
[    0.206490]  <TASK>
[    0.206491]  dump_stack_lvl+0x6a/0x9f
[    0.206493]  __lock_acquire.cold+0x2d7/0x2fe
[    0.206496]  ? stack_trace_save+0x46/0x70
[    0.206497]  lock_acquire+0xd1/0x2f0
[    0.206499]  ? serial8250_console_write+0x327/0x4a0
[    0.206500]  ? __lock_acquire+0x5c7/0x2720
[    0.206502]  _raw_spin_lock_irqsave+0x3d/0x90
[    0.206504]  ? serial8250_console_write+0x327/0x4a0
[    0.206506]  serial8250_console_write+0x327/0x4a0
[    0.206508]  console_emit_next_record.constprop.0+0x180/0x330
[    0.206511]  console_unlock+0xf7/0x1f0
[    0.206512]  vprintk_emit+0xf7/0x330
[    0.206514]  _printk+0x63/0x7e
[    0.206516]  cblist_init_generic.constprop.0.cold+0x24/0x32
[    0.206518]  rcu_init_tasks_generic+0x5/0xd9
[    0.206522]  kernel_init_freeable+0x15b/0x2a2
[    0.206523]  ? rest_init+0x160/0x160
[    0.206526]  kernel_init+0x11/0x120
[    0.206527]  ret_from_fork+0x1f/0x30
[    0.206530]  </TASK>
[    0.207018] cblist_init_generic: Setting shift to 1 and lim to 1.
This patch moves pr_info() so that it is called without rtp->cbs_gbl_lock locked.
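To make the lock-nesting rule behind the splat concrete, here is an added example that is not part of the kernel patch, the advisory or the signature data: a user-space C model of lockdep's "Invalid wait context" check, using the two locks named in the trace (the rcu_tasks raw spinlock, wait type {2:2}, and the 8250 UART port spinlock, wait type {3:3}) and the before/after call orderings of cblist_init_generic(). The wait-type numbering follows lockdep's LD_WAIT_* enum as the author of this example understands it, and the model_* helpers, the task_ctx struct and the two cblist_init_generic_* functions are this example's own simplifications, not kernel code.

```c
#include <stdio.h>

/* Wait types in the order of lockdep's LD_WAIT_* enum (numbering assumed here). */
enum wait_type {
    WAIT_INV    = 0, /* no lock held */
    WAIT_FREE   = 1, /* lock that never blocks anyone (lockdep dummy) */
    WAIT_SPIN   = 2, /* raw_spinlock_t: always spins, even on PREEMPT_RT */
    WAIT_CONFIG = 3, /* spinlock_t: spins normally, becomes a sleeping lock on PREEMPT_RT */
    WAIT_SLEEP  = 4, /* mutex, rwsem, ... */
};

struct lock {
    const char *name;
    enum wait_type type;
};

#define MAX_HELD 8

/* Per-task state of the model: stack of held locks plus the last violation report. */
struct task_ctx {
    const struct lock *held[MAX_HELD];
    int depth;
    int violations;
    char report[160];
};

/*
 * lockdep's rule, simplified: acquiring a lock whose wait type is heavier than
 * that of any lock already held is invalid, because the new lock could sleep
 * (on PREEMPT_RT) inside a region that must never sleep.
 */
static void model_lock_acquire(struct task_ctx *c, const struct lock *l)
{
    for (int i = 0; i < c->depth; i++) {
        if (l->type > c->held[i]->type) {
            c->violations++;
            snprintf(c->report, sizeof c->report,
                     "BUG: Invalid wait context: %s{%d:%d} taken while holding %s{%d:%d}",
                     l->name, l->type, l->type,
                     c->held[i]->name, c->held[i]->type, c->held[i]->type);
            break;
        }
    }
    if (c->depth < MAX_HELD)
        c->held[c->depth++] = l;
}

static void model_lock_release(struct task_ctx *c, const struct lock *l)
{
    if (c->depth > 0 && c->held[c->depth - 1] == l)
        c->depth--;
}

/* The two locks from the splat above. */
static const struct lock cbs_gbl_lock = { "rcu_tasks.cbs_gbl_lock", WAIT_SPIN };
static const struct lock port_lock    = { "&port_lock_key",         WAIT_CONFIG };

/* Model of pr_info() reaching a serial console: the 8250 driver takes the port's spinlock_t. */
static void model_pr_info(struct task_ctx *c, const char *msg)
{
    model_lock_acquire(c, &port_lock);
    (void)msg; /* the real driver would push msg out of the UART here */
    model_lock_release(c, &port_lock);
}

/* Before the fix: pr_info() runs inside the raw spinlock's critical section. */
struct task_ctx cblist_init_generic_before(void)
{
    struct task_ctx c = { .depth = 0 };
    char msg[64];
    int lim = 1, shift = 0; /* stand-ins for the queue sizing the real function computes */

    model_lock_acquire(&c, &cbs_gbl_lock);
    snprintf(msg, sizeof msg, "Setting shift to %d and lim to %d.", shift, lim);
    model_pr_info(&c, msg);              /* spinlock_t taken under a raw_spinlock_t: flagged */
    model_lock_release(&c, &cbs_gbl_lock);
    return c;
}

/* After the fix: values are computed under the lock but printed only once it is dropped. */
struct task_ctx cblist_init_generic_after(void)
{
    struct task_ctx c = { .depth = 0 };
    char msg[64];
    int lim = 1, shift = 0;

    model_lock_acquire(&c, &cbs_gbl_lock);
    snprintf(msg, sizeof msg, "Setting shift to %d and lim to %d.", shift, lim);
    model_lock_release(&c, &cbs_gbl_lock);
    model_pr_info(&c, msg);              /* no raw spinlock held any more: clean */
    return c;
}

int main(void)
{
    struct task_ctx before = cblist_init_generic_before();
    struct task_ctx after = cblist_init_generic_after();

    printf("before fix: %d violation(s)\n  %s\n", before.violations, before.report);
    printf("after fix:  %d violation(s)\n", after.violations);
    return 0;
}
```

The check fires on the before ordering and stays silent on the after ordering, which is the whole content of the fix: nothing about the values printed changes, only where the printing happens relative to the unlock. On a non-PREEMPT_RT kernel the splat is a lockdep report rather than an actual sleep, since spinlock_t still spins there; on PREEMPT_RT the UART port lock really can sleep, which is what "printk() might sleep" in the commit message refers to.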
[
{
"id": "CVE-2023-53558-1fd48acc",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9027d69221ff96e1356f070f7feb2ff989ae7388",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"161306891664774790027390936087558683264",
"123159730885522404783963985842507916576",
"73919944830393601923472773320878368657",
"286223450320268484709308692917501103423",
"299690367383291526834719118033317720156",
"242007013686143408803945532917294896848",
"71540902492659885992389885771076531148",
"168225804830905423682667696116639353225"
]
},
"deprecated": false,
"target": {
"file": "kernel/rcu/tasks.h"
}
},
{
"id": "CVE-2023-53558-66a16de7",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ea9b81c7d9104040b46a84d2303045de267f5557",
"signature_type": "Function",
"digest": {
"function_hash": "338441402446816592858663951313949150784",
"length": 1341.0
},
"deprecated": false,
"target": {
"file": "kernel/rcu/tasks.h",
"function": "cblist_init_generic"
}
},
{
"id": "CVE-2023-53558-a726fbb4",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@9027d69221ff96e1356f070f7feb2ff989ae7388",
"signature_type": "Function",
"digest": {
"function_hash": "338441402446816592858663951313949150784",
"length": 1341.0
},
"deprecated": false,
"target": {
"file": "kernel/rcu/tasks.h",
"function": "cblist_init_generic"
}
},
{
"id": "CVE-2023-53558-a73a0e27",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5fc8cbe4cf0fd34ded8045c385790c3bf04f6785",
"signature_type": "Function",
"digest": {
"function_hash": "338441402446816592858663951313949150784",
"length": 1341.0
},
"deprecated": false,
"target": {
"file": "kernel/rcu/tasks.h",
"function": "cblist_init_generic"
}
},
{
"id": "CVE-2023-53558-a7bf1ae9",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@ea9b81c7d9104040b46a84d2303045de267f5557",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"161306891664774790027390936087558683264",
"123159730885522404783963985842507916576",
"73919944830393601923472773320878368657",
"286223450320268484709308692917501103423",
"299690367383291526834719118033317720156",
"242007013686143408803945532917294896848",
"71540902492659885992389885771076531148",
"168225804830905423682667696116639353225"
]
},
"deprecated": false,
"target": {
"file": "kernel/rcu/tasks.h"
}
},
{
"id": "CVE-2023-53558-aaa9fff5",
"signature_version": "v1",
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@5fc8cbe4cf0fd34ded8045c385790c3bf04f6785",
"signature_type": "Line",
"digest": {
"threshold": 0.9,
"line_hashes": [
"161306891664774790027390936087558683264",
"123159730885522404783963985842507916576",
"73919944830393601923472773320878368657",
"286223450320268484709308692917501103423",
"299690367383291526834719118033317720156",
"242007013686143408803945532917294896848",
"71540902492659885992389885771076531148",
"168225804830905423682667696116639353225"
]
},
"deprecated": false,
"target": {
"file": "kernel/rcu/tasks.h"
}
}
]