CVE-2023-54306

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a flaw in the networking subsystem related to TLS. An adversarial receiver keeping the receive window (RWIN) at zero for an extended period can cause tasks to hang indefinitely while waiting for a transmission lock (tx lock). This occurs because the thread holding the tx lock may not release it for hours, potentially impacting system responsiveness. The issue is addressed by utilizing interruptible sleep where possible and rescheduling work if the lock cannot be acquired.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.