CVE-2023-53131

Опубликовано: 02 мая 2025

Источник: redhat

CVSS3: 2.3

Описание

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix a server shutdown leak Fix a race where kthread_stop() may prevent the threadfn from ever getting called. If that happens the svc_rqst will not be cleaned up.

Отчет

A race condition in the SUNRPC server shutdown logic could lead to a memory/resource leak of the svc_rqst structure. The issue occurs if kthread_stop() is called before the associated kernel thread (threadfn) is actually scheduled to run. In this case, the thread's cleanup routine (svc_exit_thread()) is never called, resulting in leaked memory or unreleased resources. The patch addresses this by manually invoking cleanup if kthread_stop() returns -EINTR.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 10	kernel	Not affected
Red Hat Enterprise Linux 6	kernel	Out of support scope
Red Hat Enterprise Linux 7	kernel	Out of support scope
Red Hat Enterprise Linux 7	kernel-rt	Out of support scope
Red Hat Enterprise Linux 8	kernel	Out of support scope
Red Hat Enterprise Linux 8	kernel-rt	Out of support scope
Red Hat Enterprise Linux 9	kernel	Fix deferred
Red Hat Enterprise Linux 9	kernel-rt	Fix deferred