CVE-2023-52583

MEDIUM

Linux Kernel < 4.19.307 - Deadlock via Incorrect Dentry Lock Order

Title source: llm

Description

In the Linux kernel, the following vulnerability has been resolved: ceph: fix deadlock or deadcode of misusing dget() The lock order is incorrect between denty and its parent, we should always make sure that the parent get the lock first. But since this deadcode is never used and the parent dir will always be set from the callers, let's just remove it.

References (10)

Core 10

Core References

Mailing List

https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

Mailing List

https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html

Patch

https://git.kernel.org/stable/c/eb55ba8aa7fb7aad54f40fbf4d8dcdfdba0bebf6

Patch

https://git.kernel.org/stable/c/6ab4fd508fad942f1f1ba940492f2735e078e980

Patch

https://git.kernel.org/stable/c/e016e358461b89b231626fcf78c5c38e35c44fd3

Patch

https://git.kernel.org/stable/c/a9c15d6e8aee074fae66c04d114f20b84274fcca

Patch

https://git.kernel.org/stable/c/7f2649c94264d00df6b6ac27161e9f4372a3450e

Patch

https://git.kernel.org/stable/c/196b87e5c00ce021e164a5de0f0d04f4116a9160

Patch

https://git.kernel.org/stable/c/76cb2aa3421fee4fde706dec41b1344bc0a9ad67

Patch

https://git.kernel.org/stable/c/b493ad718b1f0357394d2cdecbf00a44a36fa085

Scores

CVSS v3 5.5

EPSS 0.0001

EPSS Percentile 1.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-667

Status published

Products (20)

debian/debian_linux 10.0

Linux/Linux < 2.6.34

Linux/Linux 2.6.34

Linux/Linux 4.19.307 - 4.19.*

Linux/Linux 5.10.210 - 5.10.*

Linux/Linux 5.15.149 - 5.15.*

Linux/Linux 5.4.269 - 5.4.*

Linux/Linux 6.1.77 - 6.1.*

Linux/Linux 6.6.16 - 6.6.*

Linux/Linux 6.7.4 - 6.7.*

... and 10 more

Published Mar 06, 2024

Tracked Since Feb 18, 2026