CVE-2023-53207 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved:

ublk: fail to recover device if queue setup is interrupted

In ublk_ctrl_end_recovery(), if wait_for_completion_interruptible() is
interrupted by signal, queues aren't setup successfully yet, so we
have to fail UBLK_CMD_END_USER_RECOVERY, otherwise kernel oops can be
triggered.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

No data.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/0c0cbd4ebc375ceebc75c89df04b74f215fab23a
https://git.kernel.org/stable/c/84415f934ad4e96f3507fd09b831953d60fb04ec
https://git.kernel.org/stable/c/b3a1e243a74632f88b22e713f1c7256754017d58

History

Mon, 15 Sep 2025 14:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: ublk: fail to recover device if queue setup is interrupted In ublk_ctrl_end_recovery(), if wait_for_completion_interruptible() is interrupted by signal, queues aren't setup successfully yet, so we have to fail UBLK_CMD_END_USER_RECOVERY, otherwise kernel oops can be triggered.
Title		ublk: fail to recover device if queue setup is interrupted
References		https://git.kernel.org/stable/c/0c0cbd4ebc375ceebc75c89df04b74f215fab23a https://git.kernel.org/stable/c/84415f934ad4e96f3507fd09b831953d60fb04ec https://git.kernel.org/stable/c/b3a1e243a74632f88b22e713f1c7256754017d58

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-09-15T14:21:35.378Z

Updated: 2025-09-15T14:21:35.378Z

Reserved: 2025-09-15T13:59:19.068Z

Link: CVE-2023-53207

Vulnrichment

No data.

NVD

Status : Awaiting Analysis

Published: 2025-09-15T15:15:47.203

Modified: 2025-09-15T15:22:27.090

Link: CVE-2023-53207

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-53207", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-09-15T13:59:19.068Z", "datePublished": "2025-09-15T14:21:35.378Z", "dateUpdated": "2025-09-15T14:21:35.378Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-09-15T14:21:35.378Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nublk: fail to recover device if queue setup is interrupted\n\nIn ublk_ctrl_end_recovery(), if wait_for_completion_interruptible() is\ninterrupted by signal, queues aren't setup successfully yet, so we\nhave to fail UBLK_CMD_END_USER_RECOVERY, otherwise kernel oops can be\ntriggered."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/block/ublk_drv.c"], "versions": [{"version": "c732a852b419fa057b53657e2daaf9433940391c", "lessThan": "84415f934ad4e96f3507fd09b831953d60fb04ec", "status": "affected", "versionType": "git"}, {"version": "c732a852b419fa057b53657e2daaf9433940391c", "lessThan": "b3a1e243a74632f88b22e713f1c7256754017d58", "status": "affected", "versionType": "git"}, {"version": "c732a852b419fa057b53657e2daaf9433940391c", "lessThan": "0c0cbd4ebc375ceebc75c89df04b74f215fab23a", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/block/ublk_drv.c"], "versions": [{"version": "6.1", "status": "affected"}, {"version": "0", "lessThan": "6.1", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.43", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.4.8", "lessThanOrEqual": "6.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.5", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.1", "versionEndExcluding": "6.1.43"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.1", "versionEndExcluding": "6.4.8"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.1", "versionEndExcluding": "6.5"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/84415f934ad4e96f3507fd09b831953d60fb04ec"}, {"url": "https://git.kernel.org/stable/c/b3a1e243a74632f88b22e713f1c7256754017d58"}, {"url": "https://git.kernel.org/stable/c/0c0cbd4ebc375ceebc75c89df04b74f215fab23a"}], "title": "ublk: fail to recover device if queue setup is interrupted", "x_generator": {"engine": "bippy-1.2.0"}}}}