CVE-2023-52583

MEDIUM

Linux Kernel < 4.19.307 - Deadlock via Incorrect Dentry Lock Order

Title source: llm
STIX 2.1

Description

In the Linux kernel, the following vulnerability has been resolved: ceph: fix deadlock or deadcode of misusing dget() The lock order is incorrect between denty and its parent, we should always make sure that the parent get the lock first. But since this deadcode is never used and the parent dir will always be set from the callers, let's just remove it.

Scores

CVSS v3 5.5
EPSS 0.0018
EPSS Percentile 7.9%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-667
Status published
Products (27)
debian/debian_linux 10.0
linux/Kernel 2.6.34 - 4.19.307linux
linux/Kernel 4.20.0 - 5.4.269linux
linux/Kernel 5.11.0 - 5.15.149linux
linux/Kernel 5.16.0 - 6.1.77linux
linux/Kernel 5.5.0 - 5.10.210linux
linux/Kernel 6.2.0 - 6.6.16linux
linux/Kernel 6.7.0 - 6.7.4linux
Linux/Linux < 2.6.34
Linux/Linux 2.6.34
... and 17 more
Published Mar 06, 2024
Tracked Since Feb 18, 2026