PT-2024-7948 · Linux+9 · Linux Kernel+9
Published
2024-03-26
·
Updated
2025-09-29
·
CVE-2023-52623
CVSS v3.1
5.5
Medium
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 6.7.0
Description
The vulnerability is related to a suspicious RCU usage warning in the Linux kernel. It was discovered while running cthon against an ontap server running pNFS. The warning indicates that an RCU-list was traversed in a non-reader section, which could potentially lead to a denial-of-service attack. The vulnerability is associated with the
rpc xprt switch has addr function in the net/sunrpc/xprtmultipath.c file.Recommendations
To resolve the issue, update the Linux kernel to a version that includes the fix for the suspicious RCU usage warning. Specifically, versions prior to 6.7.0 are affected, so updating to 6.7.0 or later should mitigate the vulnerability.
Note: The provided information does not specify the exact version that includes the fix, but it is mentioned that the issue is resolved in the Linux kernel. Therefore, updating to the latest available version is recommended.
Exploit
Fix
Path traversal
Stack Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Almalinux
Astra Linux
Centos
Linuxmint
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu