PT-2025-40754 · Linux+4 · Linux Kernel+4

Published: 2025-09-29 · Updated: 2025-12-04 · CVE-2023-53591

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.3.0-rc3+

Description

The Linux kernel contained a deadlock issue within the net/mlx5e module, specifically in the tc route query code. The issue stemmed from an ABBA deadlock occurring when peer flows were created while holding the devcom read-write semaphore. The code was refactored to use RCU (Read-Copy-Update) for lockless execution, involving RCUifying the devcom data pointer and wrapping usages of the 'paired' boolean in the READ_ONCE and WRITE_ONCE macros. The mlx5e_tc_query_route_vport() function was updated to use the new mlx5_devcom_get_peer_data_rcu() API to resolve the deadlock. The deadlock was detected during testing and reported with a warning message indicating a circular locking dependency.

Recommendations

Update to a version later than 6.3.0-rc3+ to address this issue.

Weakness Enumeration

Improper Locking

Related Identifiers

ALSA-2025_16880
CVE-2023-53591
RHSA-2023:6583
RHSA-2023:7077
SUSE-SU-2025:4149-1
SUSE-SU-2025:4320-1

Affected Products

CentOS
Linux Kernel
Red Hat
SUSE
mlx5e