Vulnerability Description
In the Linux kernel, the following vulnerability has been resolved: iavf: use internal state to free traffic IRQs If the system tries to close the netdev while iavf_reset_task() is running, __LINK_STATE_START will be cleared and netif_running() will return false in iavf_reinit_interrupt_scheme(). This will result in iavf_free_traffic_irqs() not being called and a leak as follows: [7632.489326] remove_proc_entry: removing non-empty directory 'irq/999', leaking at least 'iavf-enp24s0f0v0-TxRx-0' [7632.490214] WARNING: CPU: 0 PID: 10 at fs/proc/generic.c:718 remove_proc_entry+0x19b/0x1b0 is shown when pci_disable_msix() is later called. Fix by using the internal adapter state. The traffic IRQs will always exist if state == __IAVF_RUNNING.
References
- https://git.kernel.org/stable/c/5e9db32eec628481f5da97a5b1aedb84a5240d18
- https://git.kernel.org/stable/c/6d9d01689b82ff5cb8f8d2a82717d7997bc0bfff
- https://git.kernel.org/stable/c/a77ed5c5b768e9649be240a2d864e5cd9c6a2015
FAQ
What is CVE-2023-53850?
CVE-2023-53850 is a documented vulnerability. In the Linux kernel, the following vulnerability has been resolved: iavf: use internal state to free traffic IRQs If the system tries to close the netdev while iavf_reset_task() is running, __LINK_S...
How severe is CVE-2023-53850?
CVSS scoring is not yet available for CVE-2023-53850. Check NVD for updates.
Is there a patch for CVE-2023-53850?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.