CVE-2023-53151 (CNNVD-202509-2217)

UNKNOWN
中文标题:
Linux kernel 安全漏洞
英文标题:
md/raid10: prevent soft lockup while flush writes
CVSS分数: N/A
发布时间: 2025-09-15 14:03:19
漏洞类型: 其他
状态: PUBLISHED
数据质量分数: 0.40
数据版本: v5
漏洞描述
中文描述:

Linux kernel是美国Linux基金会的开源操作系统Linux所使用的内核。 Linux kernel存在安全漏洞,该漏洞源于raid10写入刷新时缺少条件调度,可能导致软锁定。

英文描述:

In the Linux kernel, the following vulnerability has been resolved: md/raid10: prevent soft lockup while flush writes Currently, there is no limit for raid1/raid10 plugged bio. While flushing writes, raid1 has cond_resched() while raid10 doesn't, and too many writes can cause soft lockup. Follow up soft lockup can be triggered easily with writeback test for raid10 with ramdisks: watchdog: BUG: soft lockup - CPU#10 stuck for 27s! [md0_raid10:1293] Call Trace: <TASK> call_rcu+0x16/0x20 put_object+0x41/0x80 __delete_object+0x50/0x90 delete_object_full+0x2b/0x40 kmemleak_free+0x46/0xa0 slab_free_freelist_hook.constprop.0+0xed/0x1a0 kmem_cache_free+0xfd/0x300 mempool_free_slab+0x1f/0x30 mempool_free+0x3a/0x100 bio_free+0x59/0x80 bio_put+0xcf/0x2c0 free_r10bio+0xbf/0xf0 raid_end_bio_io+0x78/0xb0 one_write_done+0x8a/0xa0 raid10_end_write_request+0x1b4/0x430 bio_endio+0x175/0x320 brd_submit_bio+0x3b9/0x9b7 [brd] __submit_bio+0x69/0xe0 submit_bio_noacct_nocheck+0x1e6/0x5a0 submit_bio_noacct+0x38c/0x7e0 flush_pending_writes+0xf0/0x240 raid10d+0xac/0x1ed0 Fix the problem by adding cond_resched() to raid10 like what raid1 did. Note that unlimited plugged bio still need to be optimized, for example, in the case of lots of dirty pages writeback, this will take lots of memory and io will spend a long time in plug, hence io latency is bad.

CWE类型:
CWE-667
标签:
(暂无数据)
受影响产品
厂商 产品 版本 版本范围 平台 CPE
Linux Linux - < f45b2fa7678ab385299de345f7e85d05caea386b - cpe:2.3:a:linux:linux:*:*:*:*:*:*:*:*
Linux Linux 2.6.16 - - cpe:2.3:a:linux:linux:2.6.16:*:*:*:*:*:*:*
linux linux_kernel * - - cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
解决方案
中文解决方案:
(暂无数据)
英文解决方案:
(暂无数据)
临时解决方案:
(暂无数据)
参考链接
无标题 OTHER
cve.org
访问
无标题 OTHER
cve.org
访问
无标题 OTHER
cve.org
访问
无标题 OTHER
cve.org
访问
无标题 OTHER
cve.org
访问
无标题 OTHER
cve.org
访问
无标题 OTHER
cve.org
访问
无标题 OTHER
cve.org
访问
CVSS评分详情
暂无CVSS评分信息
时间信息
发布时间:
2025-09-15 14:03:19
修改时间:
2025-09-15 14:03:19
创建时间:
2025-11-11 15:38:48
更新时间:
2026-01-12 02:26:58
利用信息
暂无可利用代码信息
数据源详情
数据源 记录ID 版本 提取时间
CVE cve_CVE-2023-53151 2025-11-11 15:22:14 2025-11-11 07:38:48
NVD nvd_CVE-2023-53151 2025-11-11 14:59:22 2025-11-11 07:46:52
CNNVD cnnvd_CNNVD-202509-2217 2025-11-11 15:12:57 2025-11-11 08:00:11
版本与语言
当前版本: v5
主要语言: EN
支持语言:
EN ZH
安全公告
暂无安全公告信息
变更历史
v5 NVD
2026-01-12 02:26:58
affected_products_count: 2 → 3
查看详细变更
  • affected_products_count: 2 -> 3
v4 CVE
2026-01-12 02:08:55
affected_products_count: 1 → 2
查看详细变更
  • affected_products_count: 1 -> 2
v3 CNNVD
2025-11-11 16:00:11
vulnerability_type: 未提取 → 其他; severity: SeverityLevel.MEDIUM → SeverityLevel.UNKNOWN; cvss_score: 未提取 → 0.0; cnnvd_id: 未提取 → CNNVD-202509-2217; data_sources: ['cve', 'nvd'] → ['cnnvd', 'cve', 'nvd']
查看详细变更
  • vulnerability_type: 未提取 -> 其他
  • severity: SeverityLevel.MEDIUM -> SeverityLevel.UNKNOWN
  • cvss_score: 未提取 -> 0.0
  • cnnvd_id: 未提取 -> CNNVD-202509-2217
  • data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
v2 NVD
2025-11-11 15:46:52
affected_products_count: 9 → 1; data_sources: ['cve'] → ['cve', 'nvd']
查看详细变更
  • affected_products_count: 9 -> 1
  • data_sources: ['cve'] -> ['cve', 'nvd']