{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-05T11:36:29.143","vulnerabilities":[{"cve":{"id":"CVE-2023-53148","sourceIdentifier":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","published":"2025-09-15T14:15:37.270","lastModified":"2025-11-25T17:03:32.480","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"In the Linux kernel, the following vulnerability has been resolved:\n\nigb: Fix igb_down hung on surprise removal\n\nIn a setup where a Thunderbolt hub connects to Ethernet and a display\nthrough USB Type-C, users may experience a hung task timeout when they\nremove the cable between the PC and the Thunderbolt hub.\nThis is because the igb_down function is called multiple times when\nthe Thunderbolt hub is unplugged. For example, the igb_io_error_detected\ntriggers the first call, and the igb_remove triggers the second call.\nThe second call to igb_down will block at napi_synchronize.\nHere's the call trace:\n    __schedule+0x3b0/0xddb\n    ? __mod_timer+0x164/0x5d3\n    schedule+0x44/0xa8\n    schedule_timeout+0xb2/0x2a4\n    ? run_local_timers+0x4e/0x4e\n    msleep+0x31/0x38\n    igb_down+0x12c/0x22a [igb 6615058754948bfde0bf01429257eb59f13030d4]\n    __igb_close+0x6f/0x9c [igb 6615058754948bfde0bf01429257eb59f13030d4]\n    igb_close+0x23/0x2b [igb 6615058754948bfde0bf01429257eb59f13030d4]\n    __dev_close_many+0x95/0xec\n    dev_close_many+0x6e/0x103\n    unregister_netdevice_many+0x105/0x5b1\n    unregister_netdevice_queue+0xc2/0x10d\n    unregister_netdev+0x1c/0x23\n    igb_remove+0xa7/0x11c [igb 6615058754948bfde0bf01429257eb59f13030d4]\n    pci_device_remove+0x3f/0x9c\n    device_release_driver_internal+0xfe/0x1b4\n    pci_stop_bus_device+0x5b/0x7f\n    pci_stop_bus_device+0x30/0x7f\n    pci_stop_bus_device+0x30/0x7f\n    pci_stop_and_remove_bus_device+0x12/0x19\n    pciehp_unconfigure_device+0x76/0xe9\n    pciehp_disable_slot+0x6e/0x131\n    pciehp_handle_presence_or_link_change+0x7a/0x3f7\n    pciehp_ist+0xbe/0x194\n    irq_thread_fn+0x22/0x4d\n    ? irq_thread+0x1fd/0x1fd\n    irq_thread+0x17b/0x1fd\n    ? irq_forced_thread_fn+0x5f/0x5f\n    kthread+0x142/0x153\n    ? __irq_get_irqchip_state+0x46/0x46\n    ? kthread_associate_blkcg+0x71/0x71\n    ret_from_fork+0x1f/0x30\n\nIn this case, igb_io_error_detected detaches the network interface\nand requests a PCIE slot reset, however, the PCIE reset callback is\nnot being invoked and thus the Ethernet connection breaks down.\nAs the PCIE error in this case is a non-fatal one, requesting a\nslot reset can be avoided.\nThis patch fixes the task hung issue and preserves Ethernet\nconnection by ignoring non-fatal PCIE errors."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-415"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndExcluding":"4.14.322","matchCriteriaId":"90AC7CB1-E8BF-40AF-84E7-2196AD6394B6"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.15","versionEndExcluding":"4.19.291","matchCriteriaId":"D2D2CA9F-4CC4-4AF5-8C6D-E58415AB782E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.20","versionEndExcluding":"5.4.251","matchCriteriaId":"7FA663C4-CA72-4B5A-8592-7354D978F58E"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.5","versionEndExcluding":"5.10.188","matchCriteriaId":"43CAE50A-4A6C-488E-813C-F8DB77C13C8B"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.11","versionEndExcluding":"5.15.150","matchCriteriaId":"CB6C60DE-9E0C-46C5-904D-D4F4031F8E95"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"5.16","versionEndExcluding":"6.1.42","matchCriteriaId":"6E769E6A-7EEF-4FA8-BF41-6CA1CE537361"},{"vulnerable":true,"criteria":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"6.2","versionEndExcluding":"6.4.7","matchCriteriaId":"60A1A1ED-EA6C-42F6-80D3-3316DC7608C7"}]}]}],"references":[{"url":"https://git.kernel.org/stable/c/004d25060c78fc31f66da0fa439c544dda1ac9d5","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/124e39a734cb90658b8f0dc110847bbfc6e33792","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/39695e87d86f0e7d897fba1d2559f825aa20caeb","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/41f63b72a01c0e0ac59ab83fd2d921fcce0f602d","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/994c2ceb70ea99264ccc6f09e6703ca267dad63c","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c2312e1d12b1c3ee4100c173131b102e2aed4d04","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/c9f56f3c7bc908caa772112d3ae71cdd5d18c257","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]},{"url":"https://git.kernel.org/stable/c/fa92c463eba75dcedbd8d689ffdcb83293aaa0c3","source":"416baaa9-dc9f-4396-8d5f-8c081fb06d67","tags":["Patch"]}]}}]}