Network Device Initialization Issue in Linux Kernel's Virtio Module
CVE-2023-53499
What is CVE-2023-53499?
A vulnerability has been identified in the Linux kernel's virtio_net module. While virtnet_open() initializes XDP (eXpress Data Path), the setup can hit an error that makes opening the net device fail. If prior request queues have already initialized XDP and activated NAPI (New API) by that point, they are left in that state, which is inconsistent behavior that should not occur. The issue highlights the need for proper error handling in the initialization path to prevent resource leaks and keep network devices functioning correctly. The improvements add helper functions for disabling and enabling queue pairs, which improve error management during both initialization and closure of network devices.
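The unwinding pattern described above, as an added user-space sketch that is not the kernel's code: an open loop that returns on the first failing queue next to one that first disables the queues it had already enabled. All names (model_dev, model_enable_qp, model_disable_qp, fail_at) and the queue count are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>

#define NQ 4                        /* constructed: number of queue pairs */

struct model_dev {
    bool active[NQ];                /* stands in for "XDP set up, NAPI enabled" */
    int  fail_at;                   /* index whose setup fails (constructed input) */
};

/* Hypothetical enable helper: bring up one queue pair or fail cleanly. */
static int model_enable_qp(struct model_dev *d, int i)
{
    if (i == d->fail_at)
        return -1;
    d->active[i] = true;
    return 0;
}

/* Hypothetical disable helper: tear down one queue pair. */
static void model_disable_qp(struct model_dev *d, int i) { d->active[i] = false; }

/* "Before": the error is returned, but earlier queues stay enabled. */
int model_open_no_unwind(struct model_dev *d)
{
    for (int i = 0; i < NQ; i++)
        if (model_enable_qp(d, i))
            return -1;
    return 0;
}

/* "After": on failure, disable every queue enabled so far, newest first. */
int model_open_unwind(struct model_dev *d)
{
    for (int i = 0; i < NQ; i++) {
        if (model_enable_qp(d, i) == 0)
            continue;
        while (--i >= 0)
            model_disable_qp(d, i);
        return -1;
    }
    return 0;
}

/* Queues still active; this must be 0 after a failed open. */
int model_active_queues(const struct model_dev *d)
{
    int n = 0;
    for (int i = 0; i < NQ; i++)
        n += d->active[i];
    return n;
}

int main(void)
{
    struct model_dev a = { .fail_at = 2 }, b = { .fail_at = 2 };
    int ra = model_open_no_unwind(&a), rb = model_open_unwind(&b);
    printf("no unwind: ret=%d active=%d\n", ra, model_active_queues(&a));
    printf("unwind:    ret=%d active=%d\n", rb, model_active_queues(&b));
    return 0;
}
```

The same disable helper can serve the close path, so open-failure cleanup and normal shutdown cannot drift apart.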
Affected Version(s)
Linux 754b8a21a96d5f11712245aef907149606b323ae < 6a7690f2bd178eee80f33411ae32e543ae66379c
Linux 754b8a21a96d5f11712245aef907149606b323ae < 73f53bc295727a3cdbd9d6bcdfaa239258970cf4
Linux 754b8a21a96d5f11712245aef907149606b323ae < 037768b28e3752c07d63d1c72a651a6775b080bb