CVE-2023-53731
Description
In the Linux kernel, the following vulnerability has been resolved:
netlink: fix potential deadlock in netlink_set_err()
syzbot reported a possible deadlock in netlink_set_err() [1]
A similar issue was fixed in commit 1d482e666b8e ("netlink: disable IRQs for netlink_lock_table()") in netlink_lock_table()
This patch adds IRQ safety to netlink_set_err() and __netlink_diag_dump() which were not covered by cited commit.
[1]
WARNING: possible irq lock inversion dependency detected 6.4.0-rc6-syzkaller-00240-g4e9f0ec38852 #0 Not tainted
syz-executor.2/23011 just changed the state of lock: ffffffff8e1a7a58 (nl_table_lock){.+.?}-{2:2}, at: netlink_set_err+0x2e/0x3a0 net/netlink/af_netlink.c:1612 but this lock was taken by another, SOFTIRQ-safe lock in the past: (&local->queue_stop_reason_lock){..-.}-{2:2}
and interrupts could create inverse lock ordering between them.
other info that might help us debug this: Possible interrupt unsafe locking scenario:
CPU0 CPU1 ---- ---- lock(nl_table_lock); local_irq_disable(); lock(&local->queue_stop_reason_lock); lock(nl_table_lock);
lock(&local->queue_stop_reason_lock);
* DEADLOCK *
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A potential deadlock in netlink_set_err() and __netlink_diag_dump() due to missing IRQ safety is fixed by adding local_bh_disable/enable.
Root
Cause
A potential deadlock was discovered in the Linux kernel's netlink subsystem, specifically in the netlink_set_err() function. The issue arises because nl_table_lock was taken without disabling interrupts, while another lock (&local->queue_stop_reason_lock) is taken in a SOFTIRQ context. This creates an inverse lock ordering scenario where an interrupt can cause a deadlock [1][2].
Exploitation
Conditions
The vulnerability can be triggered by any local user (unprivileged) who can cause a netlink error to be set via netlink_set_err() or trigger a netlink diagnostic dump via __netlink_diag_dump(). No special privileges are required beyond being able to interact with netlink sockets. A successful deadlock would result in a denial of service (system hang) for all CPUs [1].
Impact
An attacker achieving this deadlock would cause a complete denial of service, making the system unresponsive. There is no evidence of memory corruption or privilege escalation, only a system hang due to lock inversion [1].
Mitigation
The fix, backported to multiple stable kernel versions, adds local_bh_disable() / local_bh_enable() around the lock acquisitions in netlink_set_err() and __netlink_diag_dump(), ensuring that interrupts are disabled while holding nl_table_lock [1][2][3][4]. Users should apply the latest stable kernel updates to address CVE-2023-53731.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2Patches
9c09e8e3f7fd44b9adb8d4a628f6652ed2ad9cde7b90e0539a641240b7e0761ffe8b1ee08eb8e27c8fa931556ba034b958d61f926d420Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
9- git.kernel.org/stable/c/1556ba034b95cfd4f75ea93c1a2679ae0444bba1nvd
- git.kernel.org/stable/c/4b9adb8d4a62ff7608d4a7d4eb42036a88f30980nvd
- git.kernel.org/stable/c/61ffe8b1ee084e5c82a4e4bbf9e7b68e0c06e464nvd
- git.kernel.org/stable/c/8d61f926d42045961e6b65191c09e3678d86a9cfnvd
- git.kernel.org/stable/c/8f6652ed2ad98fe6d13b903483d9257762ab2ec6nvd
- git.kernel.org/stable/c/a641240b7e071c5538dc0e7894ece833fce459ddnvd
- git.kernel.org/stable/c/c09e8e3f7fd432984bf5422302b093d2371dfc48nvd
- git.kernel.org/stable/c/cde7b90e0539a3b11da377e463dfd2288a162dbfnvd
- git.kernel.org/stable/c/eb8e27c8fa9397b4a7b181c48fa58157dbe9902envd
News mentions
0No linked articles in our index yet.