{ "affected": [ { "ranges": [ { "events": [ { "introduced": "725e8ec59c56c65fb92e343c10a8842cd0d4f194" }, { "fixed": "ce55024f28589b0012fa2c6b5748ec5a180b7fbe" }, { "fixed": "fe48ba7daefe75bbbefa2426deddc05f2d530d2d" } ], "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "type": "GIT" } ] } ], "database_specific": { "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53329.json" }, "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nworkqueue: fix data race with the pwq-\u003estats[] increment\n\nKCSAN has discovered a data race in kernel/workqueue.c:2598:\n\n[ 1863.554079] ==================================================================\n[ 1863.554118] BUG: KCSAN: data-race in process_one_work / process_one_work\n\n[ 1863.554142] write to 0xffff963d99d79998 of 8 bytes by task 5394 on cpu 27:\n[ 1863.554154] process_one_work (kernel/workqueue.c:2598)\n[ 1863.554166] worker_thread (./include/linux/list.h:292 kernel/workqueue.c:2752)\n[ 1863.554177] kthread (kernel/kthread.c:389)\n[ 1863.554186] ret_from_fork (arch/x86/kernel/process.c:145)\n[ 1863.554197] ret_from_fork_asm (arch/x86/entry/entry_64.S:312)\n\n[ 1863.554213] read to 0xffff963d99d79998 of 8 bytes by task 5450 on cpu 12:\n[ 1863.554224] process_one_work (kernel/workqueue.c:2598)\n[ 1863.554235] worker_thread (./include/linux/list.h:292 kernel/workqueue.c:2752)\n[ 1863.554247] kthread (kernel/kthread.c:389)\n[ 1863.554255] ret_from_fork (arch/x86/kernel/process.c:145)\n[ 1863.554266] ret_from_fork_asm (arch/x86/entry/entry_64.S:312)\n\n[ 1863.554280] value changed: 0x0000000000001766 -\u003e 0x000000000000176a\n\n[ 1863.554295] Reported by Kernel Concurrency Sanitizer on:\n[ 1863.554303] CPU: 12 PID: 5450 Comm: kworker/u64:1 Tainted: G L 6.5.0-rc6+ #44\n[ 1863.554314] Hardware name: ASRock X670E PG Lightning/X670E PG Lightning, BIOS 1.21 04/26/2023\n[ 1863.554322] Workqueue: btrfs-endio btrfs_end_bio_work [btrfs]\n[ 1863.554941] ==================================================================\n\n lockdep_invariant_state(true);\n→ pwq-\u003estats[PWQ_STAT_STARTED]++;\n trace_workqueue_execute_start(work);\n worker-\u003ecurrent_func(work);\n\nMoving pwq-\u003estats[PWQ_STAT_STARTED]++; before the line\n\n raw_spin_unlock_irq(\u0026pool-\u003elock);\n\nresolves the data race without performance penalty.\n\nKCSAN detected at least one additional data race:\n\n[ 157.834751] ==================================================================\n[ 157.834770] BUG: KCSAN: data-race in process_one_work / process_one_work\n\n[ 157.834793] write to 0xffff9934453f77a0 of 8 bytes by task 468 on cpu 29:\n[ 157.834804] process_one_work (/home/marvin/linux/kernel/linux_torvalds/kernel/workqueue.c:2606)\n[ 157.834815] worker_thread (/home/marvin/linux/kernel/linux_torvalds/./include/linux/list.h:292 /home/marvin/linux/kernel/linux_torvalds/kernel/workqueue.c:2752)\n[ 157.834826] kthread (/home/marvin/linux/kernel/linux_torvalds/kernel/kthread.c:389)\n[ 157.834834] ret_from_fork (/home/marvin/linux/kernel/linux_torvalds/arch/x86/kernel/process.c:145)\n[ 157.834845] ret_from_fork_asm (/home/marvin/linux/kernel/linux_torvalds/arch/x86/entry/entry_64.S:312)\n\n[ 157.834859] read to 0xffff9934453f77a0 of 8 bytes by task 214 on cpu 7:\n[ 157.834868] process_one_work (/home/marvin/linux/kernel/linux_torvalds/kernel/workqueue.c:2606)\n[ 157.834879] worker_thread (/home/marvin/linux/kernel/linux_torvalds/./include/linux/list.h:292 /home/marvin/linux/kernel/linux_torvalds/kernel/workqueue.c:2752)\n[ 157.834890] kthread (/home/marvin/linux/kernel/linux_torvalds/kernel/kthread.c:389)\n[ 157.834897] ret_from_fork (/home/marvin/linux/kernel/linux_torvalds/arch/x86/kernel/process.c:145)\n[ 157.834907] ret_from_fork_asm (/home/marvin/linux/kernel/linux_torvalds/arch/x86/entry/entry_64.S:312)\n\n[ 157.834920] value changed: 0x000000000000052a -\u003e 0x0000000000000532\n\n[ 157.834933] Reported by Kernel Concurrency Sanitizer on:\n[ 157.834941] CPU: 7 PID: 214 Comm: kworker/u64:2 Tainted: G L 6.5.0-rc7-kcsan-00169-g81eaf55a60fc #4\n[ 157.834951] Hardware name: ASRock X670E PG Lightning/X670E PG Lightning, BIOS 1.21 04/26/2023\n[ 157.834958] Workqueue: btrfs-endio btrfs_end_bio_work [btrfs]\n[ 157.835567] ==================================================================\n\nin code:\n\n trace_workqueue_execute_end(work, worker-\u003ecurrent_func);\n→ pwq-\u003estats[PWQ_STAT_COM\n---truncated---", "id": "CVE-2023-53329", "modified": "2026-04-01T23:08:44.069799585Z", "published": "2025-09-16T16:12:05.196Z", "references": [ { "type": "WEB", "url": "https://git.kernel.org/stable/c/ce55024f28589b0012fa2c6b5748ec5a180b7fbe" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/fe48ba7daefe75bbbefa2426deddc05f2d530d2d" }, { "type": "ADVISORY", "url": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53329.json" }, { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53329" }, { "type": "PACKAGE", "url": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git" } ], "schema_version": "1.7.3", "severity": [ { "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H", "type": "CVSS_V3" } ], "summary": "workqueue: fix data race with the pwq-\u003estats[] increment" }