{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2023-54081", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-12-24T13:02:52.515Z", "datePublished": "2025-12-24T13:06:13.316Z", "dateUpdated": "2025-12-24T13:06:13.316Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-12-24T13:06:13.316Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen: speed up grant-table reclaim\n\nWhen a grant entry is still in use by the remote domain, Linux must put\nit on a deferred list. Normally, this list is very short, because\nthe PV network and block protocols expect the backend to unmap the grant\nfirst. However, Qubes OS's GUI protocol is subject to the constraints\nof the X Window System, and as such winds up with the frontend unmapping\nthe window first. As a result, the list can grow very large, resulting\nin a massive memory leak and eventual VM freeze.\n\nTo partially solve this problem, make the number of entries that the VM\nwill attempt to free at each iteration tunable. The default is still\n10, but it can be overridden via a module parameter.\n\nThis is Cc: stable because (when combined with appropriate userspace\nchanges) it fixes a severe performance and stability problem for Qubes\nOS users."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["Documentation/ABI/testing/sysfs-module", "drivers/xen/grant-table.c"], "versions": [{"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "cd1a8952ff529adc210e62306849fd6f256608c0", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "c76d96c555895ac602c1587b001e5cf656abc371", "status": "affected", "versionType": "git"}, {"version": "1da177e4c3f41524e886b7f1b8a0c1fc7321cac2", "lessThan": "c04e9894846c663f3278a414f34416e6e45bbe68", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["Documentation/ABI/testing/sysfs-module", "drivers/xen/grant-table.c"], "versions": [{"version": "6.1.43", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.4.8", "lessThanOrEqual": "6.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.5", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.1.43"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.4.8"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionEndExcluding": "6.5"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/cd1a8952ff529adc210e62306849fd6f256608c0"}, {"url": "https://git.kernel.org/stable/c/c76d96c555895ac602c1587b001e5cf656abc371"}, {"url": "https://git.kernel.org/stable/c/c04e9894846c663f3278a414f34416e6e45bbe68"}], "title": "xen: speed up grant-table reclaim", "x_generator": {"engine": "bippy-1.2.0"}}}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nxen: speed up grant-table reclaim\n\nWhen a grant entry is still in use by the remote domain, Linux must put\nit on a deferred list. Normally, this list is very short, because\nthe PV network and block protocols expect the backend to unmap the grant\nfirst. However, Qubes OS's GUI protocol is subject to the constraints\nof the X Window System, and as such winds up with the frontend unmapping\nthe window first. As a result, the list can grow very large, resulting\nin a massive memory leak and eventual VM freeze.\n\nTo partially solve this problem, make the number of entries that the VM\nwill attempt to free at each iteration tunable. The default is still\n10, but it can be overridden via a module parameter.\n\nThis is Cc: stable because (when combined with appropriate userspace\nchanges) it fixes a severe performance and stability problem for Qubes\nOS users."}], "id": "CVE-2023-54081", "lastModified": "2025-12-24T13:16:09.950", "metrics": {}, "published": "2025-12-24T13:16:09.950", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/c04e9894846c663f3278a414f34416e6e45bbe68"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/c76d96c555895ac602c1587b001e5cf656abc371"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/cd1a8952ff529adc210e62306849fd6f256608c0"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Received"}

{"bugzilla": {"description": "kernel: xen: speed up grant-table reclaim", "id": "2425137", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425137"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "details": ["No description is available for this CVE."], "name": "CVE-2023-54081", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2025-12-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-54081\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-54081\nhttps://lore.kernel.org/linux-cve-announce/2025122403-CVE-2023-54081-3fc3@gregkh/T"], "threat_severity": "Low"}

{}