Linux Kernel srcu Functionality Issue Affecting Boot CPU Handling
CVE-2023-53671

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 7 October 2025

What is CVE-2023-53671?

A vulnerability exists in the Linux kernel's srcu functionality that assumes CPU 0 is always online, potentially leading to operational issues when other CPUs serve as the boot CPU. This problem becomes evident during special scenarios such as initiating a kdump kernel with a limited number of CPUs, creating a risk of system hang. Under specific conditions, tasks may become unresponsive for extended periods, impacting overall system stability. Linux users should prioritize applying security patches to mitigate this vulnerability's effects.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 2c4d26dad76eadaa45a24543e311e9ce5d09f04e

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 7f24626d6dd844bfc6d1f492d214d29c86d02550

References

https://git.kernel.org/stable/c/2c4d26dad76eadaa45a24543e...

https://git.kernel.org/stable/c/c7c0bc03fa44942fe0fdc5ac5...

https://git.kernel.org/stable/c/7f24626d6dd844bfc6d1f492d...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 7, 2025
Vulnerability Reserved
Oct 7, 2025

JSON