CVE-2023-53660
- Source
- https://cve.org/CVERecord?id=CVE-2023-53660
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53660.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2023-53660
- Downstream
- Related
- Published
- 2025-10-07T15:21:20.307Z
- Modified
- 2026-02-24T07:35:42.231405Z
- Summary
- bpf, cpumap: Handle skb as well when clean up ptr_ring
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
bpf, cpumap: Handle skb as well when clean up ptr_ring
The following warning was reported when running xdpredirectcpu with both skb-mode and stress-mode enabled:
------------[ cut here ]------------ Incorrect XDP memory type (-2128176192) usage WARNING: CPU: 7 PID: 1442 at net/core/xdp.c:405 Modules linked in: CPU: 7 PID: 1442 Comm: kworker/7:0 Tainted: G 6.5.0-rc2+ #1 Hardware name: QEMU Standard PC (i440FX + PIIX, 1996) Workqueue: events cpumapentryfree RIP: 0010:xdpreturn+0x1e4/0x4a0 ...... Call Trace: <TASK> ? showregs+0x65/0x70 ? _warn+0xa5/0x240 ? _xdpreturn+0x1e4/0x4a0 ...... xdpreturnframe+0x4d/0x150 _cpumapentryfree+0xf9/0x230 processonework+0x6b0/0xb80 workerthread+0x96/0x720 kthread+0x1a5/0x1f0 retfromfork+0x3a/0x70 retfromforkasm+0x1b/0x30 </TASK>
The reason for the warning is twofold. One is due to the kthread cpumapkthreadrun() is stopped prematurely. Another one is _cpumapringcleanup() doesn't handle skb mode and treats skbs in ptrring as XDP frames.
Prematurely-stopped kthread will be fixed by the preceding patch and ptrring will be empty when _cpumapringcleanup() is called. But as the comments in _cpumapringcleanup() said, handling and freeing skbs in ptrring as well to "catch any broken behaviour gracefully".
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53660.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/7c62b75cd1a792e14b037fa4f61f9b18914e7de1
- https://git.kernel.org/stable/c/937345720d18f1ad006ba3d5dcb3fa121037b8a2
- https://git.kernel.org/stable/c/b58d34068fd9f96bfc7d389988dfaf9a92a8fe00
- https://git.kernel.org/stable/c/cbd000451885801e9bbfd9cf7a7946806a85cb5e
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53660.json
- https://nvd.nist.gov/vuln/detail/CVE-2023-53660
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced11941f8a85362f612df61f4aaab0e41b64d2111dFixedb58d34068fd9f96bfc7d389988dfaf9a92a8fe00Fixedcbd000451885801e9bbfd9cf7a7946806a85cb5eFixed937345720d18f1ad006ba3d5dcb3fa121037b8a2Fixed7c62b75cd1a792e14b037fa4f61f9b18914e7de1
Affected versions
v5.*
v5.14
v5.14-rc1
v5.14-rc2
v5.14-rc3
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.15.1
v5.15.10
v5.15.100
v5.15.101
v5.15.102
v5.15.103
v5.15.104
v5.15.105
v5.15.106
v5.15.107
v5.15.108
v5.15.109
v5.15.11
v5.15.110
v5.15.111
v5.15.112
v5.15.113
v5.15.114
v5.15.115
v5.15.116
v5.15.117
v5.15.118
v5.15.119
v5.15.12
v5.15.120
v5.15.121
v5.15.122
v5.15.123
v5.15.124
v5.15.125
v5.15.13
v5.15.14
v5.15.15
v5.15.16
v5.15.17
v5.15.18
v5.15.19
v5.15.2
v5.15.20
v5.15.21
v5.15.22
v5.15.23
v5.15.24
v5.15.25
v5.15.26
v5.15.27
v5.15.28
v5.15.29
v5.15.3
v5.15.30
v5.15.31
v5.15.32
v5.15.33
v5.15.34
v5.15.35
v5.15.36
v5.15.37
v5.15.38
v5.15.39
v5.15.4
v5.15.40
v5.15.41
v5.15.42
v5.15.43
v5.15.44
v5.15.45
v5.15.46
v5.15.47
v5.15.48
v5.15.49
v5.15.5
v5.15.50
v5.15.51
v5.15.52
v5.15.53
v5.15.54
v5.15.55
v5.15.56
v5.15.57
v5.15.58
v5.15.59
v5.15.6
v5.15.60
v5.15.61
v5.15.62
v5.15.63
v5.15.64
v5.15.65
v5.15.66
v5.15.67
v5.15.68
v5.15.69
v5.15.7
v5.15.70
v5.15.71
v5.15.72
v5.15.73
v5.15.74
v5.15.75
v5.15.76
v5.15.77
v5.15.78
v5.15.79
v5.15.8
v5.15.80
v5.15.81
v5.15.82
v5.15.83
v5.15.84
v5.15.85
v5.15.86
v5.15.87
v5.15.88
v5.15.89
v5.15.9
v5.15.90
v5.15.91
v5.15.92
v5.15.93
v5.15.94
v5.15.95
v5.15.96
v5.15.97
v5.15.98
v5.15.99
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v6.*
v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.1.1
v6.1.10
v6.1.11
v6.1.12
v6.1.13
v6.1.14
v6.1.15
v6.1.16
v6.1.17
v6.1.18
v6.1.19
v6.1.2
v6.1.20
v6.1.21
v6.1.22
v6.1.23
v6.1.24
v6.1.25
v6.1.26
v6.1.27
v6.1.28
v6.1.29
v6.1.3
v6.1.30
v6.1.31
v6.1.32
v6.1.33
v6.1.34
v6.1.35
v6.1.36
v6.1.37
v6.1.38
v6.1.39
v6.1.4
v6.1.40
v6.1.41
v6.1.42
v6.1.43
v6.1.44
v6.1.5
v6.1.6
v6.1.7
v6.1.8
v6.1.9
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.4.1
v6.4.2
v6.4.3
v6.4.4
v6.4.5
v6.4.6
v6.4.7
v6.4.8
v6.4.9
v6.5-rc1
v6.5-rc2
Database specific
vanir_signatures
[
{
"digest": {
"length": 139.0,
"function_hash": "259456536550880052884432290153294067242"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cbd000451885801e9bbfd9cf7a7946806a85cb5e",
"deprecated": false,
"id": "CVE-2023-53660-0b4b2b65",
"signature_type": "Function",
"target": {
"function": "__cpu_map_ring_cleanup",
"file": "kernel/bpf/cpumap.c"
},
"signature_version": "v1"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"191875032485332689162434363438638062432",
"274940885888251738694720605729428373423",
"140050726261103514448039083454902477440",
"66348907860345470779220564599206990071",
"34562003896314924783524595729344086829",
"96199572004045799862795912423192979201",
"144540366666534010513091289080061771014"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@937345720d18f1ad006ba3d5dcb3fa121037b8a2",
"deprecated": false,
"id": "CVE-2023-53660-36c36c3c",
"signature_type": "Line",
"target": {
"file": "kernel/bpf/cpumap.c"
},
"signature_version": "v1"
},
{
"digest": {
"length": 139.0,
"function_hash": "259456536550880052884432290153294067242"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b58d34068fd9f96bfc7d389988dfaf9a92a8fe00",
"deprecated": false,
"id": "CVE-2023-53660-79deb896",
"signature_type": "Function",
"target": {
"function": "__cpu_map_ring_cleanup",
"file": "kernel/bpf/cpumap.c"
},
"signature_version": "v1"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"191875032485332689162434363438638062432",
"274940885888251738694720605729428373423",
"140050726261103514448039083454902477440",
"66348907860345470779220564599206990071",
"34562003896314924783524595729344086829",
"96199572004045799862795912423192979201",
"144540366666534010513091289080061771014"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7c62b75cd1a792e14b037fa4f61f9b18914e7de1",
"deprecated": false,
"id": "CVE-2023-53660-86799bf3",
"signature_type": "Line",
"target": {
"file": "kernel/bpf/cpumap.c"
},
"signature_version": "v1"
},
{
"digest": {
"length": 139.0,
"function_hash": "259456536550880052884432290153294067242"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@7c62b75cd1a792e14b037fa4f61f9b18914e7de1",
"deprecated": false,
"id": "CVE-2023-53660-8b1a80a7",
"signature_type": "Function",
"target": {
"function": "__cpu_map_ring_cleanup",
"file": "kernel/bpf/cpumap.c"
},
"signature_version": "v1"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"191875032485332689162434363438638062432",
"274940885888251738694720605729428373423",
"140050726261103514448039083454902477440",
"66348907860345470779220564599206990071",
"34562003896314924783524595729344086829",
"96199572004045799862795912423192979201",
"144540366666534010513091289080061771014"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@cbd000451885801e9bbfd9cf7a7946806a85cb5e",
"deprecated": false,
"id": "CVE-2023-53660-94c23496",
"signature_type": "Line",
"target": {
"file": "kernel/bpf/cpumap.c"
},
"signature_version": "v1"
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"191875032485332689162434363438638062432",
"274940885888251738694720605729428373423",
"140050726261103514448039083454902477440",
"66348907860345470779220564599206990071",
"34562003896314924783524595729344086829",
"96199572004045799862795912423192979201",
"144540366666534010513091289080061771014"
]
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@b58d34068fd9f96bfc7d389988dfaf9a92a8fe00",
"deprecated": false,
"id": "CVE-2023-53660-a0cded29",
"signature_type": "Line",
"target": {
"file": "kernel/bpf/cpumap.c"
},
"signature_version": "v1"
},
{
"digest": {
"length": 139.0,
"function_hash": "259456536550880052884432290153294067242"
},
"source": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git@937345720d18f1ad006ba3d5dcb3fa121037b8a2",
"deprecated": false,
"id": "CVE-2023-53660-be7c2265",
"signature_type": "Function",
"target": {
"function": "__cpu_map_ring_cleanup",
"file": "kernel/bpf/cpumap.c"
},
"signature_version": "v1"
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53660.json"
Git / github.com/gregkh/linux
Affected versions
v5.*
v5.15
v5.15.1
v5.15.10
v5.15.100
v5.15.101
v5.15.102
v5.15.103
v5.15.104
v5.15.105
v5.15.106
v5.15.107
v5.15.108
v5.15.109
v5.15.11
v5.15.110
v5.15.111
v5.15.112
v5.15.113
v5.15.114
v5.15.115
v5.15.116
v5.15.117
v5.15.118
v5.15.119
v5.15.12
v5.15.120
v5.15.121
v5.15.122
v5.15.123
v5.15.124
v5.15.125
v5.15.13
v5.15.14
v5.15.15
v5.15.16
v5.15.17
v5.15.18
v5.15.19
v5.15.2
v5.15.20
v5.15.21
v5.15.22
v5.15.23
v5.15.24
v5.15.25
v5.15.26
v5.15.27
v5.15.28
v5.15.29
v5.15.3
v5.15.30
v5.15.31
v5.15.32
v5.15.33
v5.15.34
v5.15.35
v5.15.36
v5.15.37
v5.15.38
v5.15.39
v5.15.4
v5.15.40
v5.15.41
v5.15.42
v5.15.43
v5.15.44
v5.15.45
v5.15.46
v5.15.47
v5.15.48
v5.15.49
v5.15.5
v5.15.50
v5.15.51
v5.15.52
v5.15.53
v5.15.54
v5.15.55
v5.15.56
v5.15.57
v5.15.58
v5.15.59
v5.15.6
v5.15.60
v5.15.61
v5.15.62
v5.15.63
v5.15.64
v5.15.65
v5.15.66
v5.15.67
v5.15.68
v5.15.69
v5.15.7
v5.15.70
v5.15.71
v5.15.72
v5.15.73
v5.15.74
v5.15.75
v5.15.76
v5.15.77
v5.15.78
v5.15.79
v5.15.8
v5.15.80
v5.15.81
v5.15.82
v5.15.83
v5.15.84
v5.15.85
v5.15.86
v5.15.87
v5.15.88
v5.15.89
v5.15.9
v5.15.90
v5.15.91
v5.15.92
v5.15.93
v5.15.94
v5.15.95
v5.15.96
v5.15.97
v5.15.98
v5.15.99
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v6.*
v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.1.1
v6.1.10
v6.1.11
v6.1.12
v6.1.13
v6.1.14
v6.1.15
v6.1.16
v6.1.17
v6.1.18
v6.1.19
v6.1.2
v6.1.20
v6.1.21
v6.1.22
v6.1.23
v6.1.24
v6.1.25
v6.1.26
v6.1.27
v6.1.28
v6.1.29
v6.1.3
v6.1.30
v6.1.31
v6.1.32
v6.1.33
v6.1.34
v6.1.35
v6.1.36
v6.1.37
v6.1.38
v6.1.39
v6.1.4
v6.1.40
v6.1.41
v6.1.42
v6.1.43
v6.1.44
v6.1.5
v6.1.6
v6.1.7
v6.1.8
v6.1.9
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.3
v6.3-rc1
v6.3-rc2
v6.3-rc3
v6.3-rc4
v6.3-rc5
v6.3-rc6
v6.3-rc7
v6.4
v6.4-rc1
v6.4-rc2
v6.4-rc3
v6.4-rc4
v6.4-rc5
v6.4-rc6
v6.4-rc7
v6.4.1
v6.4.2
v6.4.3
v6.4.4
v6.4.5
v6.4.6
v6.4.7
v6.4.8
v6.4.9