CVE-2023-54236 (GCVE-0-2023-54236)
Vulnerability from cvelistv5
Published
2025-12-30 12:11
Modified
2025-12-30 12:11
Severity ?
VLAI Severity ?
EPSS score ?
Summary
In the Linux kernel, the following vulnerability has been resolved:
net/net_failover: fix txq exceeding warning
The failover txq is inited as 16 queues.
when a packet is transmitted from the failover device firstly,
the failover device will select the queue which is returned from
the primary device if the primary device is UP and running.
If the primary device txq is bigger than the default 16,
it can lead to the following warning:
eth0 selects TX queue 18, but real number of TX queues is 16
The warning backtrace is:
[ 32.146376] CPU: 18 PID: 9134 Comm: chronyd Tainted: G E 6.2.8-1.el7.centos.x86_64 #1
[ 32.147175] Hardware name: Red Hat KVM, BIOS 1.10.2-3.el7_4.1 04/01/2014
[ 32.147730] Call Trace:
[ 32.147971] <TASK>
[ 32.148183] dump_stack_lvl+0x48/0x70
[ 32.148514] dump_stack+0x10/0x20
[ 32.148820] netdev_core_pick_tx+0xb1/0xe0
[ 32.149180] __dev_queue_xmit+0x529/0xcf0
[ 32.149533] ? __check_object_size.part.0+0x21c/0x2c0
[ 32.149967] ip_finish_output2+0x278/0x560
[ 32.150327] __ip_finish_output+0x1fe/0x2f0
[ 32.150690] ip_finish_output+0x2a/0xd0
[ 32.151032] ip_output+0x7a/0x110
[ 32.151337] ? __pfx_ip_finish_output+0x10/0x10
[ 32.151733] ip_local_out+0x5e/0x70
[ 32.152054] ip_send_skb+0x19/0x50
[ 32.152366] udp_send_skb.isra.0+0x163/0x3a0
[ 32.152736] udp_sendmsg+0xba8/0xec0
[ 32.153060] ? __folio_memcg_unlock+0x25/0x60
[ 32.153445] ? __pfx_ip_generic_getfrag+0x10/0x10
[ 32.153854] ? sock_has_perm+0x85/0xa0
[ 32.154190] inet_sendmsg+0x6d/0x80
[ 32.154508] ? inet_sendmsg+0x6d/0x80
[ 32.154838] sock_sendmsg+0x62/0x70
[ 32.155152] ____sys_sendmsg+0x134/0x290
[ 32.155499] ___sys_sendmsg+0x81/0xc0
[ 32.155828] ? _get_random_bytes.part.0+0x79/0x1a0
[ 32.156240] ? ip4_datagram_release_cb+0x5f/0x1e0
[ 32.156649] ? get_random_u16+0x69/0xf0
[ 32.156989] ? __fget_light+0xcf/0x110
[ 32.157326] __sys_sendmmsg+0xc4/0x210
[ 32.157657] ? __sys_connect+0xb7/0xe0
[ 32.157995] ? __audit_syscall_entry+0xce/0x140
[ 32.158388] ? syscall_trace_enter.isra.0+0x12c/0x1a0
[ 32.158820] __x64_sys_sendmmsg+0x24/0x30
[ 32.159171] do_syscall_64+0x38/0x90
[ 32.159493] entry_SYSCALL_64_after_hwframe+0x72/0xdc
Fix that by reducing txq number as the non-existent primary-dev does.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Linux | Linux |
Version: cfc80d9a11635404a40199a1c9471c96890f3f74 Version: cfc80d9a11635404a40199a1c9471c96890f3f74 Version: cfc80d9a11635404a40199a1c9471c96890f3f74 Version: cfc80d9a11635404a40199a1c9471c96890f3f74 Version: cfc80d9a11635404a40199a1c9471c96890f3f74 Version: cfc80d9a11635404a40199a1c9471c96890f3f74 |
||
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"drivers/net/net_failover.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "105cc268328231d5c2bfcbd03f265cec444a3492",
"status": "affected",
"version": "cfc80d9a11635404a40199a1c9471c96890f3f74",
"versionType": "git"
},
{
"lessThan": "f032e125149d914e542548c17ebd613851031368",
"status": "affected",
"version": "cfc80d9a11635404a40199a1c9471c96890f3f74",
"versionType": "git"
},
{
"lessThan": "2d5cebf57296f0189a61482035ad420384eedead",
"status": "affected",
"version": "cfc80d9a11635404a40199a1c9471c96890f3f74",
"versionType": "git"
},
{
"lessThan": "c942f5cd63b7c2e73fe06744185a34b03267595b",
"status": "affected",
"version": "cfc80d9a11635404a40199a1c9471c96890f3f74",
"versionType": "git"
},
{
"lessThan": "44d250c22209c680f61befbc2ac326da5452da01",
"status": "affected",
"version": "cfc80d9a11635404a40199a1c9471c96890f3f74",
"versionType": "git"
},
{
"lessThan": "e3cbdcb0fbb61045ef3ce0e072927cc41737f787",
"status": "affected",
"version": "cfc80d9a11635404a40199a1c9471c96890f3f74",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"drivers/net/net_failover.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "4.18"
},
{
"lessThan": "4.18",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.4.*",
"status": "unaffected",
"version": "5.4.240",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.10.*",
"status": "unaffected",
"version": "5.10.177",
"versionType": "semver"
},
{
"lessThanOrEqual": "5.15.*",
"status": "unaffected",
"version": "5.15.106",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.1.*",
"status": "unaffected",
"version": "6.1.23",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.*",
"status": "unaffected",
"version": "6.2.10",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "6.3",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.240",
"versionStartIncluding": "4.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.10.177",
"versionStartIncluding": "4.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.15.106",
"versionStartIncluding": "4.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.23",
"versionStartIncluding": "4.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.2.10",
"versionStartIncluding": "4.18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.3",
"versionStartIncluding": "4.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/net_failover: fix txq exceeding warning\n\nThe failover txq is inited as 16 queues.\nwhen a packet is transmitted from the failover device firstly,\nthe failover device will select the queue which is returned from\nthe primary device if the primary device is UP and running.\nIf the primary device txq is bigger than the default 16,\nit can lead to the following warning:\neth0 selects TX queue 18, but real number of TX queues is 16\n\nThe warning backtrace is:\n[ 32.146376] CPU: 18 PID: 9134 Comm: chronyd Tainted: G E 6.2.8-1.el7.centos.x86_64 #1\n[ 32.147175] Hardware name: Red Hat KVM, BIOS 1.10.2-3.el7_4.1 04/01/2014\n[ 32.147730] Call Trace:\n[ 32.147971] \u003cTASK\u003e\n[ 32.148183] dump_stack_lvl+0x48/0x70\n[ 32.148514] dump_stack+0x10/0x20\n[ 32.148820] netdev_core_pick_tx+0xb1/0xe0\n[ 32.149180] __dev_queue_xmit+0x529/0xcf0\n[ 32.149533] ? __check_object_size.part.0+0x21c/0x2c0\n[ 32.149967] ip_finish_output2+0x278/0x560\n[ 32.150327] __ip_finish_output+0x1fe/0x2f0\n[ 32.150690] ip_finish_output+0x2a/0xd0\n[ 32.151032] ip_output+0x7a/0x110\n[ 32.151337] ? __pfx_ip_finish_output+0x10/0x10\n[ 32.151733] ip_local_out+0x5e/0x70\n[ 32.152054] ip_send_skb+0x19/0x50\n[ 32.152366] udp_send_skb.isra.0+0x163/0x3a0\n[ 32.152736] udp_sendmsg+0xba8/0xec0\n[ 32.153060] ? __folio_memcg_unlock+0x25/0x60\n[ 32.153445] ? __pfx_ip_generic_getfrag+0x10/0x10\n[ 32.153854] ? sock_has_perm+0x85/0xa0\n[ 32.154190] inet_sendmsg+0x6d/0x80\n[ 32.154508] ? inet_sendmsg+0x6d/0x80\n[ 32.154838] sock_sendmsg+0x62/0x70\n[ 32.155152] ____sys_sendmsg+0x134/0x290\n[ 32.155499] ___sys_sendmsg+0x81/0xc0\n[ 32.155828] ? _get_random_bytes.part.0+0x79/0x1a0\n[ 32.156240] ? ip4_datagram_release_cb+0x5f/0x1e0\n[ 32.156649] ? get_random_u16+0x69/0xf0\n[ 32.156989] ? __fget_light+0xcf/0x110\n[ 32.157326] __sys_sendmmsg+0xc4/0x210\n[ 32.157657] ? __sys_connect+0xb7/0xe0\n[ 32.157995] ? __audit_syscall_entry+0xce/0x140\n[ 32.158388] ? syscall_trace_enter.isra.0+0x12c/0x1a0\n[ 32.158820] __x64_sys_sendmmsg+0x24/0x30\n[ 32.159171] do_syscall_64+0x38/0x90\n[ 32.159493] entry_SYSCALL_64_after_hwframe+0x72/0xdc\n\nFix that by reducing txq number as the non-existent primary-dev does."
}
],
"providerMetadata": {
"dateUpdated": "2025-12-30T12:11:26.373Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/105cc268328231d5c2bfcbd03f265cec444a3492"
},
{
"url": "https://git.kernel.org/stable/c/f032e125149d914e542548c17ebd613851031368"
},
{
"url": "https://git.kernel.org/stable/c/2d5cebf57296f0189a61482035ad420384eedead"
},
{
"url": "https://git.kernel.org/stable/c/c942f5cd63b7c2e73fe06744185a34b03267595b"
},
{
"url": "https://git.kernel.org/stable/c/44d250c22209c680f61befbc2ac326da5452da01"
},
{
"url": "https://git.kernel.org/stable/c/e3cbdcb0fbb61045ef3ce0e072927cc41737f787"
}
],
"title": "net/net_failover: fix txq exceeding warning",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2023-54236",
"datePublished": "2025-12-30T12:11:26.373Z",
"dateReserved": "2025-12-30T12:06:44.508Z",
"dateUpdated": "2025-12-30T12:11:26.373Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2023-54236\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2025-12-30T13:16:12.067\",\"lastModified\":\"2025-12-30T13:16:12.067\",\"vulnStatus\":\"Received\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnet/net_failover: fix txq exceeding warning\\n\\nThe failover txq is inited as 16 queues.\\nwhen a packet is transmitted from the failover device firstly,\\nthe failover device will select the queue which is returned from\\nthe primary device if the primary device is UP and running.\\nIf the primary device txq is bigger than the default 16,\\nit can lead to the following warning:\\neth0 selects TX queue 18, but real number of TX queues is 16\\n\\nThe warning backtrace is:\\n[ 32.146376] CPU: 18 PID: 9134 Comm: chronyd Tainted: G E 6.2.8-1.el7.centos.x86_64 #1\\n[ 32.147175] Hardware name: Red Hat KVM, BIOS 1.10.2-3.el7_4.1 04/01/2014\\n[ 32.147730] Call Trace:\\n[ 32.147971] \u003cTASK\u003e\\n[ 32.148183] dump_stack_lvl+0x48/0x70\\n[ 32.148514] dump_stack+0x10/0x20\\n[ 32.148820] netdev_core_pick_tx+0xb1/0xe0\\n[ 32.149180] __dev_queue_xmit+0x529/0xcf0\\n[ 32.149533] ? __check_object_size.part.0+0x21c/0x2c0\\n[ 32.149967] ip_finish_output2+0x278/0x560\\n[ 32.150327] __ip_finish_output+0x1fe/0x2f0\\n[ 32.150690] ip_finish_output+0x2a/0xd0\\n[ 32.151032] ip_output+0x7a/0x110\\n[ 32.151337] ? __pfx_ip_finish_output+0x10/0x10\\n[ 32.151733] ip_local_out+0x5e/0x70\\n[ 32.152054] ip_send_skb+0x19/0x50\\n[ 32.152366] udp_send_skb.isra.0+0x163/0x3a0\\n[ 32.152736] udp_sendmsg+0xba8/0xec0\\n[ 32.153060] ? __folio_memcg_unlock+0x25/0x60\\n[ 32.153445] ? __pfx_ip_generic_getfrag+0x10/0x10\\n[ 32.153854] ? sock_has_perm+0x85/0xa0\\n[ 32.154190] inet_sendmsg+0x6d/0x80\\n[ 32.154508] ? inet_sendmsg+0x6d/0x80\\n[ 32.154838] sock_sendmsg+0x62/0x70\\n[ 32.155152] ____sys_sendmsg+0x134/0x290\\n[ 32.155499] ___sys_sendmsg+0x81/0xc0\\n[ 32.155828] ? _get_random_bytes.part.0+0x79/0x1a0\\n[ 32.156240] ? ip4_datagram_release_cb+0x5f/0x1e0\\n[ 32.156649] ? get_random_u16+0x69/0xf0\\n[ 32.156989] ? __fget_light+0xcf/0x110\\n[ 32.157326] __sys_sendmmsg+0xc4/0x210\\n[ 32.157657] ? __sys_connect+0xb7/0xe0\\n[ 32.157995] ? __audit_syscall_entry+0xce/0x140\\n[ 32.158388] ? syscall_trace_enter.isra.0+0x12c/0x1a0\\n[ 32.158820] __x64_sys_sendmmsg+0x24/0x30\\n[ 32.159171] do_syscall_64+0x38/0x90\\n[ 32.159493] entry_SYSCALL_64_after_hwframe+0x72/0xdc\\n\\nFix that by reducing txq number as the non-existent primary-dev does.\"}],\"metrics\":{},\"references\":[{\"url\":\"https://git.kernel.org/stable/c/105cc268328231d5c2bfcbd03f265cec444a3492\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/2d5cebf57296f0189a61482035ad420384eedead\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/44d250c22209c680f61befbc2ac326da5452da01\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/c942f5cd63b7c2e73fe06744185a34b03267595b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/e3cbdcb0fbb61045ef3ce0e072927cc41737f787\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"},{\"url\":\"https://git.kernel.org/stable/c/f032e125149d914e542548c17ebd613851031368\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…