CVE-2023-54088 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: hold queue_lock when removing blkg->q_node When blkg is removed from q->blkg_list from blkg_free_workfn(), queue_lock has to be held, otherwise, all kinds of bugs(list corruption, hard lockup, ..) can be triggered from blkg_destroy_all().

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

Vendors	Products
Linux	Linux Kernel

No data.

No data.

No data.

References

Link	Providers
https://git.kernel.org/stable/c/083b58373463a6e5ee60ecb135269348f68ad7df
https://git.kernel.org/stable/c/b5dae1cd0d8368b4338430ff93403df67f0b8bcc
https://git.kernel.org/stable/c/c164c7bc9775be7bcc68754bb3431fce5823822e
https://git.kernel.org/stable/c/cd4ffdf56791eec95af01f06bee1ec7665ca75c4

History

Wed, 24 Dec 2025 13:15:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: hold queue_lock when removing blkg->q_node When blkg is removed from q->blkg_list from blkg_free_workfn(), queue_lock has to be held, otherwise, all kinds of bugs(list corruption, hard lockup, ..) can be triggered from blkg_destroy_all().
Title		blk-cgroup: hold queue_lock when removing blkg->q_node
First Time appeared		Linux Linux linux Kernel
CPEs		cpe:2.3:o:linux:linux_kernel::::::::
Vendors & Products		Linux Linux linux Kernel
References		https://git.kernel.org/stable/c/083b58373463a6e5ee60ecb135269348f68ad7df https://git.kernel.org/stable/c/b5dae1cd0d8368b4338430ff93403df67f0b8bcc https://git.kernel.org/stable/c/c164c7bc9775be7bcc68754bb3431fce5823822e https://git.kernel.org/stable/c/cd4ffdf56791eec95af01f06bee1ec7665ca75c4

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-12-24T13:06:18.216Z

Updated: 2025-12-24T13:06:18.216Z

Reserved: 2025-12-24T13:02:52.515Z

Link: CVE-2023-54088

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-12-24T13:16:10.667

Modified: 2025-12-24T13:16:10.667

Link: CVE-2023-54088

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2023-54088", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-12-24T13:02:52.515Z", "datePublished": "2025-12-24T13:06:18.216Z", "dateUpdated": "2025-12-24T13:06:18.216Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-12-24T13:06:18.216Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nblk-cgroup: hold queue_lock when removing blkg->q_node\n\nWhen blkg is removed from q->blkg_list from blkg_free_workfn(), queue_lock\nhas to be held, otherwise, all kinds of bugs(list corruption, hard lockup,\n..) can be triggered from blkg_destroy_all()."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["block/blk-cgroup.c"], "versions": [{"version": "81c1188905f88b77743d1fdeeedfc8cb7b67787d", "lessThan": "b5dae1cd0d8368b4338430ff93403df67f0b8bcc", "status": "affected", "versionType": "git"}, {"version": "bfe46d2efe46c5c952f982e2ca94fe2ec5e58e2a", "lessThan": "083b58373463a6e5ee60ecb135269348f68ad7df", "status": "affected", "versionType": "git"}, {"version": "f1c006f1c6850c14040f8337753a63119bba39b9", "lessThan": "cd4ffdf56791eec95af01f06bee1ec7665ca75c4", "status": "affected", "versionType": "git"}, {"version": "f1c006f1c6850c14040f8337753a63119bba39b9", "lessThan": "c164c7bc9775be7bcc68754bb3431fce5823822e", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["block/blk-cgroup.c"], "versions": [{"version": "6.3", "status": "affected"}, {"version": "0", "lessThan": "6.3", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.17", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.2.4", "lessThanOrEqual": "6.2.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.4.12", "lessThanOrEqual": "6.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.5", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.1.16", "versionEndExcluding": "6.1.17"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.2.3", "versionEndExcluding": "6.2.4"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.3", "versionEndExcluding": "6.4.12"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.3", "versionEndExcluding": "6.5"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/b5dae1cd0d8368b4338430ff93403df67f0b8bcc"}, {"url": "https://git.kernel.org/stable/c/083b58373463a6e5ee60ecb135269348f68ad7df"}, {"url": "https://git.kernel.org/stable/c/cd4ffdf56791eec95af01f06bee1ec7665ca75c4"}, {"url": "https://git.kernel.org/stable/c/c164c7bc9775be7bcc68754bb3431fce5823822e"}], "title": "blk-cgroup: hold queue_lock when removing blkg->q_node", "x_generator": {"engine": "bippy-1.2.0"}}}}