PT-2025-37521 · Linux+5 · Linux Kernel+5

Published

2023-06-22

Updated

2026-02-12

CVE-2023-53148

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw within the igb module where the igb down function can hang when a Thunderbolt hub connected to Ethernet and a display via USB Type-C is unexpectedly removed. This occurs because the igb down function is called multiple times during the removal process, leading to a block at napi synchronize. Specifically, the issue arises from non-fatal PCIE errors triggering an unnecessary slot reset request, causing the Ethernet connection to break down. The call trace includes functions such as schedule, schedule, igb down, igb close, igb close, and igb remove.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Double Free

Improper Resource Release

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-415CWE-404

Related Identifiers

ALSA-2025_16880

BDU:2026-02187

CESA-2024_3138

CVE-2023-53148

RHSA-2024:2394

RHSA-2024:3138

RHSA-2024_2394

RHSA-2024_3138

SUSE-SU-2025:03600-1

SUSE-SU-2025:03614-1

SUSE-SU-2025:03634-1

SUSE-SU-2025:20851-1

SUSE-SU-2025:20861-1

SUSE-SU-2025:20870-1

SUSE-SU-2025:20898-1

SUSE-SU-2025:3751-1

SUSE-SU-2025:4057-1

SUSE-SU-2025:4132-1

SUSE-SU-2025:4141-1

SUSE-SU-2026:0473-1

Affected Products

Astra Linux

Centos

Linux Kernel

Red Hat

Suse

Igb

PT-2025-37521 · Linux+5 · Linux Kernel+5

CVE-2023-53148

Weakness Enumeration

Related Identifiers

Affected Products

References · 1907