{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-14T18:54:37.964","vulnerabilities":[{"cve":{"id":"CVE-2023-52638","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2024-04-03T15:15:51.417","lastModified":"2025-02-03T16:16:43.840","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\ncan: j1939: prevent deadlock by changing j1939_socks_lock to rwlock\n\nThe following 3 locks would race against each other, causing the\ndeadlock situation in the Syzbot bug report:\n\n- j1939_socks_lock\n- active_session_list_lock\n- sk_session_queue_lock\n\nA reasonable fix is to change j1939_socks_lock to an rwlock, since in\nthe rare situations where a write lock is required for the linked list\nthat j1939_socks_lock is protecting, the code does not attempt to\nacquire any more locks. This would break the circular lock dependency,\nwhere, for example, the current thread already locks j1939_socks_lock\nand attempts to acquire sk_session_queue_lock, and at the same time,\nanother thread attempts to acquire j1939_socks_lock while holding\nsk_session_queue_lock.\n\nNOTE: This patch along does not fix the unregister_netdevice bug\nreported by Syzbot; instead, it solves a deadlock situation to prepare\nfor one or more further patches to actually fix the Syzbot bug, which\nappears to be a reference counting problem within the j1939 codebase.\n\n[mkl: remove unrelated newline change]"},{"lang":"es","value":"En el kernel de Linux, se ha resuelto la siguiente vulnerabilidad: can: j1939: previene el interbloqueo cambiando j1939_socks_lock a rwlock Los siguientes 3 bloqueos competirían entre sí, causando la situación de interbloqueo en el informe de error de Syzbot: - j1939_socks_lock - active_session_list_lock - sk_session_queue_lock A Una solución razonable es cambiar j1939_socks_lock por un rwlock, ya que en las raras situaciones en las que se requiere un bloqueo de escritura para la lista vinculada que j1939_socks_lock está protegiendo, el código no intenta adquirir más bloqueos. Esto rompería la dependencia del bloqueo circular, donde, por ejemplo, el subproceso actual ya bloquea j1939_socks_lock e intenta adquirir sk_session_queue_lock y, al mismo tiempo, otro subproceso intenta adquirir j1939_socks_lock mientras mantiene sk_session_queue_lock. NOTA: Este parche no soluciona el error unregister_netdevice informado por Syzbot; en cambio, resuelve una situación de punto muerto para prepararse para uno o más parches adicionales para corregir el error Syzbot, que parece ser un problema de conteo de referencias dentro del código base j1939. [mkl: eliminar cambio de nueva línea no relacionado]"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1\/AV:L\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:N\/A:H","baseScore":5.5,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":3.6}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-667"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"5.15.149","matchCriteriaId":"78D569F8-1D0B-426D-84B5-EFFE28C63F33"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.79","matchCriteriaId":"656E2F29-1779-4EFC-AA64-8F984E2885B1"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.6.18","matchCriteriaId":"BD961E49-FEDA-47CF-BF23-4D2BD942B4E0"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.7","versionEndExcluding":"6.7.6","matchCriteriaId":"C6D6A5C8-7308-42A9-8A72-ABF3DEA4BB82"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*","matchCriteriaId":"B9F4EA73-0894-400F-A490-3A397AB7A517"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*","matchCriteriaId":"056BD938-0A27-4569-B391-30578B309EE3"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*","matchCriteriaId":"F02056A5-B362-4370-9FF8-6F0BD384D520"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:*","matchCriteriaId":"62075ACE-B2A0-4B16-829D-B3DA5AE5CC41"}]}]}],"references":[{"url":"https:\/\/git.kernel.org\/stable\/c\/03358aba991668d3bb2c65b3c82aa32c36851170","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https:\/\/git.kernel.org\/stable\/c\/26dfe112ec2e95fe0099681f6aec33da13c2dd8e","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https:\/\/git.kernel.org\/stable\/c\/559b6322f9480bff68cfa98d108991e945a4f284","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https:\/\/git.kernel.org\/stable\/c\/6cdedc18ba7b9dacc36466e27e3267d201948c8d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https:\/\/git.kernel.org\/stable\/c\/aedda066d717a0b4335d7e0a00b2e3a61e40afcf","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https:\/\/git.kernel.org\/stable\/c\/03358aba991668d3bb2c65b3c82aa32c36851170","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https:\/\/git.kernel.org\/stable\/c\/26dfe112ec2e95fe0099681f6aec33da13c2dd8e","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https:\/\/git.kernel.org\/stable\/c\/559b6322f9480bff68cfa98d108991e945a4f284","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https:\/\/git.kernel.org\/stable\/c\/6cdedc18ba7b9dacc36466e27e3267d201948c8d","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"https:\/\/git.kernel.org\/stable\/c\/aedda066d717a0b4335d7e0a00b2e3a61e40afcf","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]}]}}]}