CVE-2023-53590
- Source
- https://cve.org/CVERecord?id=CVE-2023-53590
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53590.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2023-53590
- Downstream
- Published
- 2025-10-04T15:44:04.733Z
- Modified
- 2026-04-02T09:44:32.583695Z
- Summary
- sctp: add a refcnt in sctp_stream_priorities to avoid a nested loop
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
sctp: add a refcnt in sctpstreampriorities to avoid a nested loop
With this refcnt added in sctpstreampriorities, we don't need to traverse all streams to check if the prio is used by other streams when freeing one stream's prio in sctpschedpriofreesid(). This can avoid a nested loop (up to 65535 * 65535), which may cause a stuck as Ying reported:
watchdog: BUG: soft lockup - CPU#23 stuck for 26s! [ksoftirqd/23:136] Call Trace: <TASK> sctp_sched_prio_free_sid+0xab/0x100 [sctp] sctp_stream_free_ext+0x64/0xa0 [sctp] sctp_stream_free+0x31/0x50 [sctp] sctp_association_free+0xa5/0x200 [sctp]Note that it doesn't need to use refcount_t type for this counter, as its accessing is always protected under the sock lock.
v1->v2: - add a check in sctpschedprioset to avoid the possible priohead refcnt overflow.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53590.json", "cna_assigner": "Linux" }- References
-
- https://git.kernel.org/stable/c/03c3a5584a0a29821e59b7834635ce823050caaa
- https://git.kernel.org/stable/c/68ba44639537de6f91fe32783766322d41848127
- https://git.kernel.org/stable/c/6d529928ea212127851a2df8c40d822237ca946b
- https://git.kernel.org/stable/c/8ee401f89cdb10f39098c0656d695b2bc4052100
- https://git.kernel.org/stable/c/bf5540cbd20e2dae2c81ab9b31deef41ef147d0a
- https://git.kernel.org/stable/c/cec326443f01283ef68ea00c06ea073b1835a562
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53590.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-53590
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduceda7555681e50bdebed2c40ff7404ee73c2e932993Fixedcec326443f01283ef68ea00c06ea073b1835a562
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced176ee6c673ccd118e9392fd2dbb165423bdb99caFixed8ee401f89cdb10f39098c0656d695b2bc4052100
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0dfb9a566327182387c90100ea54d8426cee8c67Fixedbf5540cbd20e2dae2c81ab9b31deef41ef147d0a
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced9ed7bfc79542119ac0a9e1ce8a2a5285e43433e9Fixed03c3a5584a0a29821e59b7834635ce823050caaaFixed6d529928ea212127851a2df8c40d822237ca946bFixed68ba44639537de6f91fe32783766322d41848127
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedLast affectedfa20f88271259d42ebe66f0a8c4c20199e888c99