{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2023-54283","assignerOrgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","state":"PUBLISHED","assignerShortName":"Linux","dateReserved":"2025-12-30T12:06:44.525Z","datePublished":"2025-12-30T12:23:24.460Z","dateUpdated":"2026-05-11T19:58:58.681Z"},"containers":{"cna":{"providerMetadata":{"orgId":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","shortName":"Linux","dateUpdated":"2026-05-11T19:58:58.681Z"},"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Address KCSAN report on bpf_lru_list\n\nKCSAN reported a data-race when accessing node->ref.\nAlthough node->ref does not have to be accurate,\ntake this chance to use a more common READ_ONCE() and WRITE_ONCE()\npattern instead of data_race().\n\nThere is an existing bpf_lru_node_is_ref() and bpf_lru_node_set_ref().\nThis patch also adds bpf_lru_node_clear_ref() to do the\nWRITE_ONCE(node->ref, 0) also.\n\n==================================================================\nBUG: KCSAN: data-race in __bpf_lru_list_rotate / __htab_lru_percpu_map_update_elem\n\nwrite to 0xffff888137038deb of 1 bytes by task 11240 on cpu 1:\n__bpf_lru_node_move kernel/bpf/bpf_lru_list.c:113 [inline]\n__bpf_lru_list_rotate_active kernel/bpf/bpf_lru_list.c:149 [inline]\n__bpf_lru_list_rotate+0x1bf/0x750 kernel/bpf/bpf_lru_list.c:240\nbpf_lru_list_pop_free_to_local kernel/bpf/bpf_lru_list.c:329 [inline]\nbpf_common_lru_pop_free kernel/bpf/bpf_lru_list.c:447 [inline]\nbpf_lru_pop_free+0x638/0xe20 kernel/bpf/bpf_lru_list.c:499\nprealloc_lru_pop kernel/bpf/hashtab.c:290 [inline]\n__htab_lru_percpu_map_update_elem+0xe7/0x820 kernel/bpf/hashtab.c:1316\nbpf_percpu_hash_update+0x5e/0x90 kernel/bpf/hashtab.c:2313\nbpf_map_update_value+0x2a9/0x370 kernel/bpf/syscall.c:200\ngeneric_map_update_batch+0x3ae/0x4f0 kernel/bpf/syscall.c:1687\nbpf_map_do_batch+0x2d9/0x3d0 kernel/bpf/syscall.c:4534\n__sys_bpf+0x338/0x810\n__do_sys_bpf kernel/bpf/syscall.c:5096 [inline]\n__se_sys_bpf kernel/bpf/syscall.c:5094 [inline]\n__x64_sys_bpf+0x43/0x50 kernel/bpf/syscall.c:5094\ndo_syscall_x64 arch/x86/entry/common.c:50 [inline]\ndo_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nread to 0xffff888137038deb of 1 bytes by task 11241 on cpu 0:\nbpf_lru_node_set_ref kernel/bpf/bpf_lru_list.h:70 [inline]\n__htab_lru_percpu_map_update_elem+0x2f1/0x820 kernel/bpf/hashtab.c:1332\nbpf_percpu_hash_update+0x5e/0x90 kernel/bpf/hashtab.c:2313\nbpf_map_update_value+0x2a9/0x370 kernel/bpf/syscall.c:200\ngeneric_map_update_batch+0x3ae/0x4f0 kernel/bpf/syscall.c:1687\nbpf_map_do_batch+0x2d9/0x3d0 kernel/bpf/syscall.c:4534\n__sys_bpf+0x338/0x810\n__do_sys_bpf kernel/bpf/syscall.c:5096 [inline]\n__se_sys_bpf kernel/bpf/syscall.c:5094 [inline]\n__x64_sys_bpf+0x43/0x50 kernel/bpf/syscall.c:5094\ndo_syscall_x64 arch/x86/entry/common.c:50 [inline]\ndo_syscall_64+0x41/0xc0 arch/x86/entry/common.c:80\nentry_SYSCALL_64_after_hwframe+0x63/0xcd\n\nvalue changed: 0x01 -> 0x00\n\nReported by Kernel Concurrency Sanitizer on:\nCPU: 0 PID: 11241 Comm: syz-executor.3 Not tainted 6.3.0-rc7-syzkaller-00136-g6a66fdd29ea1 #0\nHardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/30/2023\n=================================================================="}],"affected":[{"product":"Linux","vendor":"Linux","defaultStatus":"unaffected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["kernel/bpf/bpf_lru_list.c","kernel/bpf/bpf_lru_list.h"],"versions":[{"version":"3a08c2fd763450a927d1130de078d6f9e74944fb","lessThan":"6eaef1b1d8720053eb1b6e7a3ff8b2ff0716bb90","status":"affected","versionType":"git"},{"version":"3a08c2fd763450a927d1130de078d6f9e74944fb","lessThan":"a89d14410ea0352420f03cddc67e0002dcc8f9a5","status":"affected","versionType":"git"},{"version":"3a08c2fd763450a927d1130de078d6f9e74944fb","lessThan":"e09a285ea1e859d4cc6cb689d8d5d7c1f7c7c0d5","status":"affected","versionType":"git"},{"version":"3a08c2fd763450a927d1130de078d6f9e74944fb","lessThan":"b6d9a4062c944ad095b34dc112bf646a84156f60","status":"affected","versionType":"git"},{"version":"3a08c2fd763450a927d1130de078d6f9e74944fb","lessThan":"819ca25444b377935faa2dbb0aa3547519b5c80f","status":"affected","versionType":"git"},{"version":"3a08c2fd763450a927d1130de078d6f9e74944fb","lessThan":"c006fe361cfd947f51a56793deddf891e5cbfef8","status":"affected","versionType":"git"},{"version":"3a08c2fd763450a927d1130de078d6f9e74944fb","lessThan":"6e5e83b56f50fbd1c8f7dca7df7d72c67be25571","status":"affected","versionType":"git"},{"version":"3a08c2fd763450a927d1130de078d6f9e74944fb","lessThan":"ee9fd0ac3017c4313be91a220a9ac4c99dde7ad4","status":"affected","versionType":"git"}]},{"product":"Linux","vendor":"Linux","defaultStatus":"affected","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","programFiles":["kernel/bpf/bpf_lru_list.c","kernel/bpf/bpf_lru_list.h"],"versions":[{"version":"4.10","status":"affected"},{"version":"0","lessThan":"4.10","status":"unaffected","versionType":"semver"},{"version":"4.14.322","lessThanOrEqual":"4.14.*","status":"unaffected","versionType":"semver"},{"version":"4.19.291","lessThanOrEqual":"4.19.*","status":"unaffected","versionType":"semver"},{"version":"5.4.251","lessThanOrEqual":"5.4.*","status":"unaffected","versionType":"semver"},{"version":"5.10.188","lessThanOrEqual":"5.10.*","status":"unaffected","versionType":"semver"},{"version":"5.15.150","lessThanOrEqual":"5.15.*","status":"unaffected","versionType":"semver"},{"version":"6.1.42","lessThanOrEqual":"6.1.*","status":"unaffected","versionType":"semver"},{"version":"6.4.7","lessThanOrEqual":"6.4.*","status":"unaffected","versionType":"semver"},{"version":"6.5","lessThanOrEqual":"*","status":"unaffected","versionType":"original_commit_for_fix"}]}],"cpeApplicability":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.10","versionEndExcluding":"4.14.322"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.10","versionEndExcluding":"4.19.291"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.10","versionEndExcluding":"5.4.251"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.10","versionEndExcluding":"5.10.188"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.10","versionEndExcluding":"5.15.150"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.10","versionEndExcluding":"6.1.42"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.10","versionEndExcluding":"6.4.7"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.10","versionEndExcluding":"6.5"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/6eaef1b1d8720053eb1b6e7a3ff8b2ff0716bb90"},{"url":"https://git.kernel.org/stable/c/a89d14410ea0352420f03cddc67e0002dcc8f9a5"},{"url":"https://git.kernel.org/stable/c/e09a285ea1e859d4cc6cb689d8d5d7c1f7c7c0d5"},{"url":"https://git.kernel.org/stable/c/b6d9a4062c944ad095b34dc112bf646a84156f60"},{"url":"https://git.kernel.org/stable/c/819ca25444b377935faa2dbb0aa3547519b5c80f"},{"url":"https://git.kernel.org/stable/c/c006fe361cfd947f51a56793deddf891e5cbfef8"},{"url":"https://git.kernel.org/stable/c/6e5e83b56f50fbd1c8f7dca7df7d72c67be25571"},{"url":"https://git.kernel.org/stable/c/ee9fd0ac3017c4313be91a220a9ac4c99dde7ad4"}],"title":"bpf: Address KCSAN report on bpf_lru_list","x_generator":{"engine":"bippy-1.2.0"}}}}