{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2023-53189","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-09-15T13:59:19.066Z","datePublished":"2025-09-15T14:05:26.685Z","dateUpdated":"2026-05-11T19:39:58.324Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T19:39:58.324Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nipv6/addrconf: fix a potential refcount underflow for idev\n\nNow in addrconf_mod_rs_timer(), reference idev depends on whether\nrs_timer is not pending. Then modify rs_timer timeout.\n\nThere is a time gap in [1], during which if the pending rs_timer\nbecomes not pending. It will miss to hold idev, but the rs_timer\nis activated. Thus rs_timer callback function addrconf_rs_timer()\nwill be executed and put idev later without holding idev. A refcount\nunderflow issue for idev can be caused by this.\n\n\tif (!timer_pending(&idev->rs_timer))\n\t\tin6_dev_hold(idev);\n\t\t  <--------------[1]\n\tmod_timer(&idev->rs_timer, jiffies + when);\n\nTo fix the issue, hold idev if mod_timer() return 0."}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["net/ipv6/addrconf.c"],"versions":[{"version":"b7b1bfce0bb68bd8f6e62a28295922785cc63781","lessThan":"c6395e32935d35e6f935e7caf1c2dac5a95943b4","status":"affected","versionType":"git"},{"version":"b7b1bfce0bb68bd8f6e62a28295922785cc63781","lessThan":"df62fdcd004afa72ecbed0e862ebb983acd3aa57","status":"affected","versionType":"git"},{"version":"b7b1bfce0bb68bd8f6e62a28295922785cc63781","lessThan":"c7eeba47058532f6077d6a658e38b6698f6ae71a","status":"affected","versionType":"git"},{"version":"b7b1bfce0bb68bd8f6e62a28295922785cc63781","lessThan":"2ad31ce40e8182860b631e37209e93e543790b7c","status":"affected","versionType":"git"},{"version":"b7b1bfce0bb68bd8f6e62a28295922785cc63781","lessThan":"82abd1c37d3bf2a2658b34772c17a25a6f9cca42","status":"affected","versionType":"git"},{"version":"b7b1bfce0bb68bd8f6e62a28295922785cc63781","lessThan":"436b7cc7eae7851c184b671ed7a4a64c750b86f7","status":"affected","versionType":"git"},{"version":"b7b1bfce0bb68bd8f6e62a28295922785cc63781","lessThan":"1f656e483eb4733d62f18dfb206a49b78f60f495","status":"affected","versionType":"git"},{"version":"b7b1bfce0bb68bd8f6e62a28295922785cc63781","lessThan":"06a0716949c22e2aefb648526580671197151acc","status":"affected","versionType":"git"},{"version":"973d5956f754cfc306f5e274d71503498f4b0324","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["net/ipv6/addrconf.c"],"versions":[{"version":"3.11","status":"affected"},{"version":"0","lessThan":"3.11","status":"unaffected","versionType":"semver"},{"version":"4.14.322","lessThanOrEqual":"4.14.*","status":"unaffected","versionType":"semver"},{"version":"4.19.291","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"5.4.251","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.188","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.121","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.40","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.4.5","lessThanOrEqual":"6.4.*","status":"unaffected","versionType":"semver"},{"version":"6.5","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.11","versionEndExcluding":"4.14.322"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.11","versionEndExcluding":"4.19.291"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.11","versionEndExcluding":"5.4.251"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.11","versionEndExcluding":"5.10.188"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.11","versionEndExcluding":"5.15.121"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.11","versionEndExcluding":"6.1.40"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.11","versionEndExcluding":"6.4.5"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.11","versionEndExcluding":"6.5"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.10.105"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/c6395e32935d35e6f935e7caf1c2dac5a95943b4"},{"url":"https://git.kernel.org/stable/c/df62fdcd004afa72ecbed0e862ebb983acd3aa57"},{"url":"https://git.kernel.org/stable/c/c7eeba47058532f6077d6a658e38b6698f6ae71a"},{"url":"https://git.kernel.org/stable/c/2ad31ce40e8182860b631e37209e93e543790b7c"},{"url":"https://git.kernel.org/stable/c/82abd1c37d3bf2a2658b34772c17a25a6f9cca42"},{"url":"https://git.kernel.org/stable/c/436b7cc7eae7851c184b671ed7a4a64c750b86f7"},{"url":"https://git.kernel.org/stable/c/1f656e483eb4733d62f18dfb206a49b78f60f495"},{"url":"https://git.kernel.org/stable/c/06a0716949c22e2aefb648526580671197151acc"}],"title":"ipv6/addrconf: fix a potential refcount underflow for idev","x_generator":{"engine":"bippy-1.2.0"}}}}