PT-2025-43128 · Linux+1 · Linux Kernel+1

Published 2023-08-31 · Updated 2025-11-28 · CVE-2023-53727

CVSS v2.0: 4.6 (Medium)

Vector: AV:L/AC:L/Au:S/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.5.0-syzkaller-00453-g727dbda16b83

Description

The Linux kernel contains an issue within the networking scheduler related to the fq_pie (Fair Queueing Packet Identifier) implementation. Specifically, the fq_pie_timer() function can stall when handling a large number of flows, up to the limit of 65536. This occurs because the function consumes excessive time during processing, as reported by syzbot. The issue is addressed by adding logic to yield the CPU every 2048 flows, reducing the time spent in the function and preventing blocking of qdisc fast paths. In the worst-case scenario (65536 flows), the complete scan would require 31 jiffies. The root cause is related to resource contention and inefficient CPU usage within the fq_pie_timer() function.

Recommendations

Versions prior to 6.5.0-syzkaller-00453-g727dbda16b83 should be updated to a newer version that includes the fix.

Related Identifiers

BDU:2026-03870
CVE-2023-53727
SUSE-SU-2025:21040-1
SUSE-SU-2025:21052-1
SUSE-SU-2025:21056-1
SUSE-SU-2025:21064-1
SUSE-SU-2025:4057-1
SUSE-SU-2025:4128-1
SUSE-SU-2025:4132-1
SUSE-SU-2025:4140-1
SUSE-SU-2025:4141-1
SUSE-SU-2025:4301-1

Affected Products

Linux Kernel
SUSE