CVE-2023-53623

Name of the Vulnerable Software and Affected Versions Linux kernel versions 5.10.y and later

Description The Linux kernel contains a flaw in the mm/swap component related to a race condition between swapoff and get swap pages when handling swap info struct. Specifically, the si->lock is not consistently held when deleting a swap info structure from the available list, potentially allowing another thread to re-add it. This can lead to memory corruption and, in the worst case, a kernel panic. The issue can be triggered by concurrently running swapon-swapoff operations, such as with the stress-ng-swap tool, or by calling madvise(MADV PAGEOUT) on touched memory blocks. A panic message involving plist check prev next node may be observed when CONFIG PLIST DEBUG is enabled.

Recommendations Versions prior to 5.10.y are not affected.