Data Race Issue in Linux Kernel's Workqueue Management
CVE-2023-53329
Currently unrated
What is CVE-2023-53329?
A data race vulnerability has been identified within the Linux Kernel's workqueue subsystem. The issue arises from concurrent access to shared variables in the workqueue code, specifically in the process_one_work function. KCSAN has detected instances where multiple threads attempt to read and write to the workqueue statistics concurrently, leading to inconsistent states and potential system instability. To mitigate this vulnerability, proper synchronization mechanisms must be implemented to ensure that increments to the workqueue statistics are safely executed without race conditions, thus enhancing the overall reliability of the kernel.
Affected Version(s)
Linux 725e8ec59c56c65fb92e343c10a8842cd0d4f194
Linux 725e8ec59c56c65fb92e343c10a8842cd0d4f194
Linux 6.5