Instituto Nacional de ciberseguridad. Sección Incibe
Instituto Nacional de Ciberseguridad. Sección INCIBE-CERT

Go to Calendar     Go to Press Room     Go to Newsletters subscription

Search

CVE-2023-53727

Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
22/10/2025
Last modified:
15/04/2026

Description

In the Linux kernel, the following vulnerability has been resolved:<br /> <br /> net/sched: fq_pie: avoid stalls in fq_pie_timer()<br /> <br /> When setting a high number of flows (limit being 65536),<br /> fq_pie_timer() is currently using too much time as syzbot reported.<br /> <br /> Add logic to yield the cpu every 2048 flows (less than 150 usec<br /> on debug kernels).<br /> It should also help by not blocking qdisc fast paths for too long.<br /> Worst case (65536 flows) would need 31 jiffies for a complete scan.<br /> <br /> Relevant extract from syzbot report:<br /> <br /> rcu: INFO: rcu_preempt detected expedited stalls on CPUs/tasks: { 0-.... } 2663 jiffies s: 873 root: 0x1/.<br /> rcu: blocking rcu_node structures (internal RCU debug):<br /> Sending NMI from CPU 1 to CPUs 0:<br /> NMI backtrace for cpu 0<br /> CPU: 0 PID: 5177 Comm: syz-executor273 Not tainted 6.5.0-syzkaller-00453-g727dbda16b83 #0<br /> Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/26/2023<br /> RIP: 0010:check_kcov_mode kernel/kcov.c:173 [inline]<br /> RIP: 0010:write_comp_data+0x21/0x90 kernel/kcov.c:236<br /> Code: 2e 0f 1f 84 00 00 00 00 00 65 8b 05 01 b2 7d 7e 49 89 f1 89 c6 49 89 d2 81 e6 00 01 00 00 49 89 f8 65 48 8b 14 25 80 b9 03 00 00 01 ff 00 74 0e 85 f6 74 59 8b 82 04 16 00 00 85 c0 74 4f 8b<br /> RSP: 0018:ffffc90000007bb8 EFLAGS: 00000206<br /> RAX: 0000000000000101 RBX: ffffc9000dc0d140 RCX: ffffffff885893b0<br /> RDX: ffff88807c075940 RSI: 0000000000000100 RDI: 0000000000000001<br /> RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000<br /> R10: 0000000000000000 R11: 0000000000000000 R12: ffffc9000dc0d178<br /> R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000<br /> FS: 0000555555d54380(0000) GS:ffff8880b9800000(0000) knlGS:0000000000000000<br /> CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033<br /> CR2: 00007f6b442f6130 CR3: 000000006fe1c000 CR4: 00000000003506f0<br /> DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000<br /> DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400<br /> Call Trace:<br /> <br /> <br /> <br /> pie_calculate_probability+0x480/0x850 net/sched/sch_pie.c:415<br /> fq_pie_timer+0x1da/0x4f0 net/sched/sch_fq_pie.c:387<br /> call_timer_fn+0x1a0/0x580 kernel/time/timer.c:1700

Impact

References to Advisories, Solutions, and Tools