CVE-2023-53759 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: HID: hidraw: fix data race on device refcount The hidraw_open() function increments the hidraw device reference counter. The counter has no dedicated synchronization mechanism, resulting in a potential data race when concurrently opening a device. The race is a regression introduced by commit 8590222e4b02 ("HID: hidraw: Replace hidraw device table mutex with a rwsem"). While minors_rwsem is intended to protect the hidraw_table itself, by instead acquiring the lock for writing, the reference counter is also protected. This is symmetrical to hidraw_release().

PUBLISHED Reserved 2025-12-08 | Published 2025-12-08 | Updated 2025-12-08 | Assigner Linux

Product status

Default status

unaffected

8590222e4b021054a7167a4dd35b152a8ed7018e (git) before 879e79c3aead41b8aa2e91164354b30bd1c4ef3b

affected

8590222e4b021054a7167a4dd35b152a8ed7018e (git) before ff348eabd97577da974d3db7038857f28c61d2bd

affected

8590222e4b021054a7167a4dd35b152a8ed7018e (git) before 05b47034e2488c2924e5c032e20a1979d012b5b5

affected

8590222e4b021054a7167a4dd35b152a8ed7018e (git) before 944ee77dc6ec7b0afd8ec70ffc418b238c92f12b

affected

Default status

affected

5.17

affected

Any version before 5.17

unaffected

6.1.37 (semver)

unaffected

6.3.11 (semver)

unaffected

6.4.1 (semver)

unaffected

6.5 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/879e79c3aead41b8aa2e91164354b30bd1c4ef3b

git.kernel.org/...c/ff348eabd97577da974d3db7038857f28c61d2bd

git.kernel.org/...c/05b47034e2488c2924e5c032e20a1979d012b5b5

git.kernel.org/...c/944ee77dc6ec7b0afd8ec70ffc418b238c92f12b

cve.org (CVE-2023-53759)

nvd.nist.gov (CVE-2023-53759)

Download JSON

help @ threatint.eu