CVE-2023-53850 in Kernel
Résumé (Anglaise)
In the Linux kernel, the following vulnerability has been resolved:
iavf: use internal state to free traffic IRQs
If the system tries to close the netdev while iavf_reset_task() is
running, __LINK_STATE_START will be cleared and netif_running() will
return false in iavf_reinit_interrupt_scheme(). This will result in
iavf_free_traffic_irqs() not being called and a leak as follows:
[7632.489326] remove_proc_entry: removing non-empty directory 'irq/999', leaking at least 'iavf-enp24s0f0v0-TxRx-0'
[7632.490214] WARNING: CPU: 0 PID: 10 at fs/proc/generic.c:718 remove_proc_entry+0x19b/0x1b0
is shown when pci_disable_msix() is later called. Fix by using the
internal adapter state. The traffic IRQs will always exist if
state == __IAVF_RUNNING.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Responsable
Linux
Réserver
09/12/2025
Divulgation
09/12/2025
Statut
Confirmé
Entrées
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnérabilité | CWE | Exp | Con | CVE |
|---|---|---|---|---|---|
| 335034 | Linux Kernel iavf_reset_task élévation de privilèges | 371 | Non défini | Correctif officiel | CVE-2023-53850 |