CVE-2023-53186

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A race condition exists between coalescing and releasing SKBs (Socket Buffer) in the Linux kernel. A commit intended to fix coalescing for page pool fragment recycling inadvertently introduced a scenario where an SKB could be released while coalescing was still in progress. This could lead to inconsistent reference counts, potentially resulting in use-after-free or double-free errors. The issue stems from the requirement that skb cloned(@from) must be true until coalescing completes, and a failure to uphold this condition when a cloned SKB is released prematurely. A double-free error, indicated by a bad page state, prompted investigation into this issue.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.