CVE-2023-53728

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains an issue within the posix-timers component. The posix timer add() function attempts to allocate a posix timer ID by starting from a cached ID. This allocation process involves a loop that searches the ID space for a free slot. The loop's termination condition relies on comparing the current ID with the starting ID, but the starting ID is read locklessly, creating a race condition. This race condition can lead to a scenario where a negative starting value is observed, preventing the loop from terminating as intended. While the ID space is large, making an endless loop unlikely, the issue was identified by KCSAN. The problem arises from performing ID operations outside of the hash lock.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.