CVE-2023-54152

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-54152
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-54152.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-54152
Downstream
Published
2025-12-24T13:07:03.310Z
Modified
2026-03-10T21:47:35.905138Z
Summary
can: j1939: prevent deadlock by moving j1939_sk_errqueue()
Details

In the Linux kernel, the following vulnerability has been resolved:

can: j1939: prevent deadlock by moving j1939skerrqueue()

This commit addresses a deadlock situation that can occur in certain scenarios, such as when running data TP/ETP transfer and subscribing to the error queue while receiving a net down event. The deadlock involves locks in the following order:

3 j1939sessionlistlock -> activesessionlistlock j1939sessionactivate ... j1939skqueueactivatenext -> sksessionqueuelock ... j1939xtprxeoma_one

2 j1939skqueuedropall -> sksessionqueuelock ... j1939sknetdeveventnetdown -> j1939sockslock j1939netdev_notify

1 j1939skerrqueue -> j1939sockslock _j1939sessioncancel -> activesessionlistlock j1939tprxtimer

   CPU0                    CPU1
   ----                    ----

lock(&priv->activesessionlistlock); lock(&jsk->sksessionqueuelock); lock(&priv->activesessionlistlock); lock(&priv->j1939socks_lock);

The solution implemented in this commit is to move the j1939skerrqueue() call out of the activesessionlist_lock context, thus preventing the deadlock situation.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/54xxx/CVE-2023-54152.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
5b9272e93f2efe3f6cda60cc2c26817b2ce49386
Fixed
8a581b71cf686b4cd1a85c9c2dfc2fb88382c3b4
Fixed
ace6aa2ab5ba5869563ca689bbd912100514ae7b
Fixed
f09ce9d765de1f064ce3919f57c6beb061744784
Fixed
d1366b283d94ac4537a4b3a1e8668da4df7ce7e9

Affected versions

v5.*
v5.14
v5.14-rc4
v5.14-rc5
v5.14-rc6
v5.14-rc7
v5.15
v5.15-rc1
v5.15-rc2
v5.15-rc3
v5.15-rc4
v5.15-rc5
v5.15-rc6
v5.15-rc7
v5.15.1
v5.15.10
v5.15.100
v5.15.101
v5.15.102
v5.15.103
v5.15.104
v5.15.105
v5.15.11
v5.15.12
v5.15.13
v5.15.14
v5.15.15
v5.15.16
v5.15.17
v5.15.18
v5.15.19
v5.15.2
v5.15.20
v5.15.21
v5.15.22
v5.15.23
v5.15.24
v5.15.25
v5.15.26
v5.15.27
v5.15.28
v5.15.29
v5.15.3
v5.15.30
v5.15.31
v5.15.32
v5.15.33
v5.15.34
v5.15.35
v5.15.36
v5.15.37
v5.15.38
v5.15.39
v5.15.4
v5.15.40
v5.15.41
v5.15.42
v5.15.43
v5.15.44
v5.15.45
v5.15.46
v5.15.47
v5.15.48
v5.15.49
v5.15.5
v5.15.50
v5.15.51
v5.15.52
v5.15.53
v5.15.54
v5.15.55
v5.15.56
v5.15.57
v5.15.58
v5.15.59
v5.15.6
v5.15.60
v5.15.61
v5.15.62
v5.15.63
v5.15.64
v5.15.65
v5.15.66
v5.15.67
v5.15.68
v5.15.69
v5.15.7
v5.15.70
v5.15.71
v5.15.72
v5.15.73
v5.15.74
v5.15.75
v5.15.76
v5.15.77
v5.15.78
v5.15.79
v5.15.8
v5.15.80
v5.15.81
v5.15.82
v5.15.83
v5.15.84
v5.15.85
v5.15.86
v5.15.87
v5.15.88
v5.15.89
v5.15.9
v5.15.90
v5.15.91
v5.15.92
v5.15.93
v5.15.94
v5.15.95
v5.15.96
v5.15.97
v5.15.98
v5.15.99
v5.16
v5.16-rc1
v5.16-rc2
v5.16-rc3
v5.16-rc4
v5.16-rc5
v5.16-rc6
v5.16-rc7
v5.16-rc8
v5.17
v5.17-rc1
v5.17-rc2
v5.17-rc3
v5.17-rc4
v5.17-rc5
v5.17-rc6
v5.17-rc7
v5.17-rc8
v5.18
v5.18-rc1
v5.18-rc2
v5.18-rc3
v5.18-rc4
v5.18-rc5
v5.18-rc6
v5.18-rc7
v5.19
v5.19-rc1
v5.19-rc2
v5.19-rc3
v5.19-rc4
v5.19-rc5
v5.19-rc6
v5.19-rc7
v5.19-rc8
v6.*
v6.0
v6.0-rc1
v6.0-rc2
v6.0-rc3
v6.0-rc4
v6.0-rc5
v6.0-rc6
v6.0-rc7
v6.1
v6.1-rc1
v6.1-rc2
v6.1-rc3
v6.1-rc4
v6.1-rc5
v6.1-rc6
v6.1-rc7
v6.1-rc8
v6.1.1
v6.1.10
v6.1.11
v6.1.12
v6.1.13
v6.1.14
v6.1.15
v6.1.16
v6.1.17
v6.1.18
v6.1.19
v6.1.2
v6.1.20
v6.1.21
v6.1.22
v6.1.3
v6.1.4
v6.1.5
v6.1.6
v6.1.7
v6.1.8
v6.1.9
v6.2
v6.2-rc1
v6.2-rc2
v6.2-rc3
v6.2-rc4
v6.2-rc5
v6.2-rc6
v6.2-rc7
v6.2-rc8
v6.2.1
v6.2.2
v6.2.3
v6.2.4
v6.2.5
v6.2.6
v6.2.7
v6.2.8
v6.2.9
v6.3-rc1
v6.3-rc2
v6.3-rc3

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-54152.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.15.0
Fixed
5.15.106
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.23
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.2.10

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-54152.json"