CVE-2023-53501 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: iommu/amd/iommu_v2: Fix pasid_state refcount dec hit 0 warning on pasid unbind When unbinding pasid - a race condition exists vs outstanding page faults. To prevent this, the pasid_state object contains a refcount. * set to 1 on pasid bind * incremented on each ppr notification start * decremented on each ppr notification done * decremented on pasid unbind Since refcount_dec assumes that refcount will never reach 0: the current implementation causes the following to be invoked on pasid unbind: REFCOUNT_WARN("decrement hit 0; leaking memory") Fix this issue by changing refcount_dec to refcount_dec_and_test to explicitly handle refcount=1.

PUBLISHED Reserved 2025-10-01 | Published 2025-10-01 | Updated 2025-10-01 | Assigner Linux

Product status

Default status

unaffected

8bc54824da4e8fcf0ed679cf09ac32f23d83254a before a50d60b8f2aff46dd7c7edb4a5835cdc4d432c22

affected

8bc54824da4e8fcf0ed679cf09ac32f23d83254a before 13ed255248dfbbb7f23f9170c7a537fb9ca22c73

affected

8bc54824da4e8fcf0ed679cf09ac32f23d83254a before 9ccc51be3126b25cfe9351dbffde946c925cc28a

affected

8bc54824da4e8fcf0ed679cf09ac32f23d83254a before 98d86bf32187db27946ca817c2467a5f2f7aa02f

affected

8bc54824da4e8fcf0ed679cf09ac32f23d83254a before 534103bcd52ca9c1fecbc70e717b4a538dc4ded8

affected

Default status

affected

5.15

affected

Any version before 5.15

unaffected

5.15.132

unaffected

6.1.53

unaffected

6.4.16

unaffected

6.5.3

unaffected

6.6

unaffected

References

git.kernel.org/...c/a50d60b8f2aff46dd7c7edb4a5835cdc4d432c22

git.kernel.org/...c/13ed255248dfbbb7f23f9170c7a537fb9ca22c73

git.kernel.org/...c/9ccc51be3126b25cfe9351dbffde946c925cc28a

git.kernel.org/...c/98d86bf32187db27946ca817c2467a5f2f7aa02f

git.kernel.org/...c/534103bcd52ca9c1fecbc70e717b4a538dc4ded8

cve.org (CVE-2023-53501)

nvd.nist.gov (CVE-2023-53501)

Download JSON

help @ threatint.eu