CVE-2023-53148
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
15/09/2025
Last modified:
15/09/2025
Description
In the Linux kernel, the following vulnerability has been resolved:<br />
<br />
igb: Fix igb_down hung on surprise removal<br />
<br />
In a setup where a Thunderbolt hub connects to Ethernet and a display<br />
through USB Type-C, users may experience a hung task timeout when they<br />
remove the cable between the PC and the Thunderbolt hub.<br />
This is because the igb_down function is called multiple times when<br />
the Thunderbolt hub is unplugged. For example, the igb_io_error_detected<br />
triggers the first call, and the igb_remove triggers the second call.<br />
The second call to igb_down will block at napi_synchronize.<br />
Here&#39;s the call trace:<br />
__schedule+0x3b0/0xddb<br />
? __mod_timer+0x164/0x5d3<br />
schedule+0x44/0xa8<br />
schedule_timeout+0xb2/0x2a4<br />
? run_local_timers+0x4e/0x4e<br />
msleep+0x31/0x38<br />
igb_down+0x12c/0x22a [igb 6615058754948bfde0bf01429257eb59f13030d4]<br />
__igb_close+0x6f/0x9c [igb 6615058754948bfde0bf01429257eb59f13030d4]<br />
igb_close+0x23/0x2b [igb 6615058754948bfde0bf01429257eb59f13030d4]<br />
__dev_close_many+0x95/0xec<br />
dev_close_many+0x6e/0x103<br />
unregister_netdevice_many+0x105/0x5b1<br />
unregister_netdevice_queue+0xc2/0x10d<br />
unregister_netdev+0x1c/0x23<br />
igb_remove+0xa7/0x11c [igb 6615058754948bfde0bf01429257eb59f13030d4]<br />
pci_device_remove+0x3f/0x9c<br />
device_release_driver_internal+0xfe/0x1b4<br />
pci_stop_bus_device+0x5b/0x7f<br />
pci_stop_bus_device+0x30/0x7f<br />
pci_stop_bus_device+0x30/0x7f<br />
pci_stop_and_remove_bus_device+0x12/0x19<br />
pciehp_unconfigure_device+0x76/0xe9<br />
pciehp_disable_slot+0x6e/0x131<br />
pciehp_handle_presence_or_link_change+0x7a/0x3f7<br />
pciehp_ist+0xbe/0x194<br />
irq_thread_fn+0x22/0x4d<br />
? irq_thread+0x1fd/0x1fd<br />
irq_thread+0x17b/0x1fd<br />
? irq_forced_thread_fn+0x5f/0x5f<br />
kthread+0x142/0x153<br />
? __irq_get_irqchip_state+0x46/0x46<br />
? kthread_associate_blkcg+0x71/0x71<br />
ret_from_fork+0x1f/0x30<br />
<br />
In this case, igb_io_error_detected detaches the network interface<br />
and requests a PCIE slot reset, however, the PCIE reset callback is<br />
not being invoked and thus the Ethernet connection breaks down.<br />
As the PCIE error in this case is a non-fatal one, requesting a<br />
slot reset can be avoided.<br />
This patch fixes the task hung issue and preserves Ethernet<br />
connection by ignoring non-fatal PCIE errors.
Impact
References to Advisories, Solutions, and Tools
- https://git.kernel.org/stable/c/004d25060c78fc31f66da0fa439c544dda1ac9d5
- https://git.kernel.org/stable/c/124e39a734cb90658b8f0dc110847bbfc6e33792
- https://git.kernel.org/stable/c/39695e87d86f0e7d897fba1d2559f825aa20caeb
- https://git.kernel.org/stable/c/41f63b72a01c0e0ac59ab83fd2d921fcce0f602d
- https://git.kernel.org/stable/c/994c2ceb70ea99264ccc6f09e6703ca267dad63c
- https://git.kernel.org/stable/c/c2312e1d12b1c3ee4100c173131b102e2aed4d04
- https://git.kernel.org/stable/c/c9f56f3c7bc908caa772112d3ae71cdd5d18c257
- https://git.kernel.org/stable/c/fa92c463eba75dcedbd8d689ffdcb83293aaa0c3