CVE-2023-53188

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A race condition exists in the Linux kernel's Open vSwitch (OVS) implementation related to port output. Specifically, the issue occurs when a network namespace is deleted while packets are still being sent to an OVS vport. This can lead to a CPU being stuck in an infinite loop within the skb tx hash function if dev->real num tx queues is zero. The vulnerability arises because the removal of RX handlers doesn't prevent packets from being sent to the device during the unregistration process, and the background task responsible for vport deletion may not complete before packets are processed. The issue can be triggered by sending a large number of parallel requests to a server within a network namespace and simultaneously deleting the namespace.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.