🛡️ UBUNTU-CVE-2023-53421
⚪ Unknown ✅ No Known Exploit OSV
N/A
CVSS Score
0 Low4 Medium7 High9 Critical10

Description

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Reinit blkg_iostat_set after clearing in blkcg_reset_stats() When blkg_alloc() is called to allocate a blkcg_gq structure with the associated blkg_iostat_set's, there are 2 fields within blkg_iostat_set that requires proper initialization - blkg & sync. The former field was introduced by commit 3b8cc6298724 ("blk-cgroup: Optimize blkcg_rstat_flush()") while the later one was introduced by commit f73316482977 ("blk-cgroup: reimplement basic IO stats using cgroup rstat"). Unfortunately those fields in the blkg_iostat_set's are not properly re-initialized when they are cleared in v1's blkcg_reset_stats(). This can lead to a kernel panic due to NULL pointer access of the blkg pointer. The missing initialization of sync is less problematic and can be a problem in a debug kernel due to missing lockdep initialization. Fix these problems by re-initializing them after memory clearing.

Details

Severity Unknown
CVSS Score N/A
CVSS Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE N/A
Public Exploit ✅ No
Source OSV
Published 2025-09-18
Updated 2026-06-15
Modified 2026-06-08
Fix URL N/A

Affected Packages

Software From version Fixed in
linux 5.15.0-176.186
linux-allwinner-5.19
linux-aws 5.15.0-1105.112
linux-aws-5.0
linux-aws-5.11
linux-aws-5.13
linux-aws-5.15 5.15.0-1105.112~20.04.1
linux-aws-5.19
linux-aws-5.3
linux-aws-5.8
linux-aws-6.2
linux-aws-6.5
linux-aws-fips 5.15.0-1105.112+fips1
linux-azure 5.15.0-1110.119
linux-azure-5.11
linux-azure-5.13
linux-azure-5.15 5.15.0-1110.119~20.04.1
linux-azure-5.19
linux-azure-5.3
linux-azure-5.8
linux-azure-6.11
linux-azure-6.2
linux-azure-6.5
linux-azure-edge
linux-azure-fde
linux-azure-fde-5.19
linux-azure-fde-6.2
linux-azure-fips 5.15.0-1110.119+fips1
linux-bluefield
linux-fips 5.15.0-176.186+fips1
linux-gcp 5.15.0-1105.114
linux-gcp-5.11
linux-gcp-5.13
linux-gcp-5.15 5.15.0-1106.115~20.04.1
linux-gcp-5.19
linux-gcp-5.3
linux-gcp-5.8
linux-gcp-6.11
linux-gcp-6.2
linux-gcp-6.5
linux-gcp-fips 5.15.0-1105.114+fips1
linux-gke 5.15.0-1101.107
linux-gke-4.15
linux-gke-5.15
linux-gke-5.4
linux-gkeop 5.15.0-1088.96
linux-gkeop-5.15
linux-gkeop-5.4
linux-hwe
linux-hwe-5.11
linux-hwe-5.13
linux-hwe-5.15 5.15.0-176.186~20.04.1
linux-hwe-5.19
linux-hwe-5.8
linux-hwe-6.11
linux-hwe-6.2
linux-hwe-6.5
linux-hwe-edge
linux-ibm 5.15.0-1099.102
linux-ibm-5.15 5.15.0-1099.102~20.04.1
linux-intel
linux-intel-5.13
linux-intel-iot-realtime 5.15.0-1097.99
linux-intel-iotg 5.15.0-1100.106
linux-intel-iotg-5.15 5.15.0-1100.106~20.04.1
linux-kvm 5.15.0-1097.102
linux-lowlatency 5.15.0-175.185
linux-lowlatency-hwe-5.15 5.15.0-175.185~20.04.1
linux-lowlatency-hwe-5.19
linux-lowlatency-hwe-6.11
linux-lowlatency-hwe-6.2
linux-lowlatency-hwe-6.5
linux-nvidia 5.15.0-1100.101
linux-nvidia-6.2
linux-nvidia-6.5
linux-nvidia-tegra 5.15.0-1057.57
linux-nvidia-tegra-5.15 5.15.0-1057.57~20.04.1
linux-nvidia-tegra-igx 5.15.0-1046.46
linux-oem
linux-oem-5.10
linux-oem-5.13
linux-oem-5.14
linux-oem-5.17
linux-oem-5.6
linux-oem-6.0
linux-oem-6.1
linux-oem-6.11
linux-oem-6.5
linux-oem-6.8
linux-oracle 5.15.0-1102.108
linux-oracle-5.0
linux-oracle-5.11
linux-oracle-5.13
linux-oracle-5.15 5.15.0-1102.108~20.04.1
linux-oracle-5.3
linux-oracle-5.8
linux-oracle-6.5
linux-raspi 5.15.0-1099.102
linux-raspi-realtime
linux-raspi2
linux-realtime
linux-riscv
linux-riscv-5.11
linux-riscv-5.15 5.15.0-1099.103~20.04.1
linux-riscv-5.19
linux-riscv-5.8
linux-riscv-6.5
linux-starfive-5.19
linux-starfive-6.2
linux-starfive-6.5
linux-xilinx-zynqmp 5.15.0-1070.74

References

Similar Threats

Exploit Protection

Help block exploit attempts

BotEraser is designed to detect and help reduce malicious bot traffic that may target known vulnerabilities on your site.

Try BotEraser Free →

No credit card required  ·  Results in minutes

ⓘ Data Notice: The information presented above has been compiled from publicly available internet sources. Boteraser aggregates this data solely for informational purposes and does not independently classify, evaluate, or endorse any findings about the vulnerabilities listed. The accuracy and completeness of this information is the sole responsibility of the original publishers. Boteraser and its operators accept no liability for any decisions made based on this data.