Data Race Vulnerability in Linux Kernel Media Driver
CVE-2023-53519

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
1 October 2025

What is CVE-2023-53519?

This vulnerability in the Linux kernel's media subsystem relates to a data race condition within the v4l2-mem2mem functionality. The issue arises when multiple tasks attempt to access and modify the parameter 'num_rdy' without proper synchronization, leading to potential inconsistencies in the buffer queueing mechanism. This situation was identified through kernel concurrency sanitization (KCSAN), highlighting the need for a locking mechanism to ensure the integrity of operations related to source and destination buffers. The resolution demonstrates the importance of safeguarding shared resources in concurrent processing environments.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 690dd4780b3f4d755e4e7883e8c3d1b5052f6bf2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 7fc7f87725805197388ba749a1801df33000fa50

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

References

https://git.kernel.org/stable/c/690dd4780b3f4d755e4e7883e...
https://git.kernel.org/stable/c/7fc7f87725805197388ba749a...
https://git.kernel.org/stable/c/ef009fe2010ea2a3a7045ecb7...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2023-53519 : Data Race Vulnerability in Linux Kernel Media Driver