CVE-2023-53189
Published: Sep 15, 2025
Modified: May 23, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: ipv6/addrconf: fix a potential refcount underflow for idev Now in addrconf_mod_rs_timer(), reference idev depends on whether rs_timer is not pending. Then modify rs_timer timeout. There is a time gap in [1], during which if the pending rs_timer becomes not pending. It will miss to hold idev, but the rs_timer is activated. Thus rs_timer callback function addrconf_rs_timer() will be executed and put idev later without holding idev. A refcount underflow issue for idev can be caused by this. if (!timer_pending(&idev->rs_timer)) in6_dev_hold(idev); <--------------[1] mod_timer(&idev->rs_timer, jiffies + when); To fix the issue, hold idev if mod_timer() return 0.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected b7b1bfce0bb68bd8f6e62a28295922785cc63781 - < c6395e32935d35e6f935e7caf1c2dac5a95943b4affected b7b1bfce0bb68bd8f6e62a28295922785cc63781 - < df62fdcd004afa72ecbed0e862ebb983acd3aa57affected b7b1bfce0bb68bd8f6e62a28295922785cc63781 - < c7eeba47058532f6077d6a658e38b6698f6ae71aaffected b7b1bfce0bb68bd8f6e62a28295922785cc63781 - < 2ad31ce40e8182860b631e37209e93e543790b7caffected b7b1bfce0bb68bd8f6e62a28295922785cc63781 - < 82abd1c37d3bf2a2658b34772c17a25a6f9cca42+5 more versions |
Linux | Linux | affected 3.11unaffected 0 - < 3.11unaffected 4.14.322 - <= 4.14.*unaffected 4.19.291 - <= 4.19.*unaffected 5.4.251 - <= 5.4.*+5 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now