CVE-2023-53508 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved:

ublk: fail to start device if queue setup is interrupted

In ublk_ctrl_start_dev(), if wait_for_completion_interruptible() is
interrupted by signal, queues aren't setup successfully yet, so we
have to fail UBLK_CMD_START_DEV, otherwise kernel oops can be triggered.

Reported by German when working on qemu-storage-deamon which requires
single thread ublk daemon.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00017.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

No data.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/0d5916c439574b18a0734872daa0022b3d6105ad
https://git.kernel.org/stable/c/53e7d08f6d6e214c40db1f51291bb2975c789dc2
https://git.kernel.org/stable/c/6ab3e7d424cd413d7a5e976c8a30b4ffa84a65dd

History

Wed, 01 Oct 2025 12:00:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: ublk: fail to start device if queue setup is interrupted In ublk_ctrl_start_dev(), if wait_for_completion_interruptible() is interrupted by signal, queues aren't setup successfully yet, so we have to fail UBLK_CMD_START_DEV, otherwise kernel oops can be triggered. Reported by German when working on qemu-storage-deamon which requires single thread ublk daemon.
Title		ublk: fail to start device if queue setup is interrupted
References		https://git.kernel.org/stable/c/0d5916c439574b18a0734872daa0022b3d6105ad https://git.kernel.org/stable/c/53e7d08f6d6e214c40db1f51291bb2975c789dc2 https://git.kernel.org/stable/c/6ab3e7d424cd413d7a5e976c8a30b4ffa84a65dd

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-10-01T11:45:58.042Z

Updated: 2025-10-01T11:45:58.042Z

Reserved: 2025-10-01T11:39:39.405Z

Link: CVE-2023-53508

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-10-01T12:15:54.593

Modified: 2025-10-01T12:15:54.593

Link: CVE-2023-53508

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-53508", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-10-01T11:39:39.405Z", "datePublished": "2025-10-01T11:45:58.042Z", "dateUpdated": "2025-10-01T11:45:58.042Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-10-01T11:45:58.042Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nublk: fail to start device if queue setup is interrupted\n\nIn ublk_ctrl_start_dev(), if wait_for_completion_interruptible() is\ninterrupted by signal, queues aren't setup successfully yet, so we\nhave to fail UBLK_CMD_START_DEV, otherwise kernel oops can be triggered.\n\nReported by German when working on qemu-storage-deamon which requires\nsingle thread ublk daemon."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/block/ublk_drv.c"], "versions": [{"version": "71f28f3136aff5890cd56de78abc673f8393cad9", "lessThan": "0d5916c439574b18a0734872daa0022b3d6105ad", "status": "affected", "versionType": "git"}, {"version": "71f28f3136aff5890cd56de78abc673f8393cad9", "lessThan": "6ab3e7d424cd413d7a5e976c8a30b4ffa84a65dd", "status": "affected", "versionType": "git"}, {"version": "71f28f3136aff5890cd56de78abc673f8393cad9", "lessThan": "53e7d08f6d6e214c40db1f51291bb2975c789dc2", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["drivers/block/ublk_drv.c"], "versions": [{"version": "6.0", "status": "affected"}, {"version": "0", "lessThan": "6.0", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.43", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.4.8", "lessThanOrEqual": "6.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.5", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.0", "versionEndExcluding": "6.1.43"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.0", "versionEndExcluding": "6.4.8"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.0", "versionEndExcluding": "6.5"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/0d5916c439574b18a0734872daa0022b3d6105ad"}, {"url": "https://git.kernel.org/stable/c/6ab3e7d424cd413d7a5e976c8a30b4ffa84a65dd"}, {"url": "https://git.kernel.org/stable/c/53e7d08f6d6e214c40db1f51291bb2975c789dc2"}], "title": "ublk: fail to start device if queue setup is interrupted", "x_generator": {"engine": "bippy-1.2.0"}}}}