DEBIAN-CVE-2023-53210
- Source
- https://security-tracker.debian.org/tracker/CVE-2023-53210
- Import Source
- https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2023-53210.json
- JSON Data
- https://api.osv.dev/v1/vulns/DEBIAN-CVE-2023-53210
- Upstream
- Published
- 2025-09-15T15:15:47Z
- Modified
- 2025-09-30T05:16:20.947011Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved: md/raid5-cache: fix null-ptr-deref for r5lflushstripetoraid() r5lflushstripetoraid() will check if the list 'flushingios' is empty, and then submit 'flushbio', however, r5llogflushendio() is clearing the list first and then clear the bio, which will cause null-ptr-deref: T1: submit flush io raid5d handleactivestripes r5lflushstripetoraid // list is empty // add 'ioendios' to the list bioinit submitbio // io1 T2: io1 is done r5llogflushendio listsplicetailinit // clear the list T3: submit new flush io ... r5lflushstripetoraid // list is empty // add 'ioendios' to the list bioinit biouninit // clear bio->biblkg submitbio // null-ptr-deref Fix this problem by clearing bio before clearing the list in r5llogflushendio().
- References
Affected packages
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.1.55-1
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Debian:14 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source