
CVE-2023-53090: Vulnerability in the Linux kernel

High
Published: Fri May 02 2025 (05/02/2025, 15:55:36 UTC)
Source: CVE
Vendor/Project: Linux
Product: Linux

Description

In the Linux kernel, the following vulnerability has been resolved:

drm/amdkfd: Fix an illegal memory access

In the kfd_wait_on_events() function, the kfd_event_waiter structure is allocated by alloc_event_waiters(), but the event field of the waiter structure is not initialized. When copy_from_user() fails in the kfd_wait_on_events() function, it enters exception handling to release the previously allocated memory of the waiter structure. Because the event field of the waiters structure is accessed in the free_waiters() function, this results in an illegal memory access and a system crash. Here is the crash log:

localhost kernel: RIP: 0010:native_queued_spin_lock_slowpath+0x185/0x1e0
localhost kernel: RSP: 0018:ffffaa53c362bd60 EFLAGS: 00010082
localhost kernel: RAX: ff3d3d6bff4007cb RBX: 0000000000000282 RCX: 00000000002c0000
localhost kernel: RDX: ffff9e855eeacb80 RSI: 000000000000279c RDI: ffffe7088f6a21d0
localhost kernel: RBP: ffffe7088f6a21d0 R08: 00000000002c0000 R09: ffffaa53c362be64
localhost kernel: R10: ffffaa53c362bbd8 R11: 0000000000000001 R12: 0000000000000002
localhost kernel: R13: ffff9e7ead15d600 R14: 0000000000000000 R15: ffff9e7ead15d698
localhost kernel: FS: 0000152a3d111700(0000) GS:ffff9e855ee80000(0000) knlGS:0000000000000000
localhost kernel: CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
localhost kernel: CR2: 0000152938000010 CR3: 000000044d7a4000 CR4: 00000000003506e0
localhost kernel: Call Trace:
localhost kernel: _raw_spin_lock_irqsave+0x30/0x40
localhost kernel: remove_wait_queue+0x12/0x50
localhost kernel: kfd_wait_on_events+0x1b6/0x490 [hydcu]
localhost kernel: ? ftrace_graph_caller+0xa0/0xa0
localhost kernel: kfd_ioctl+0x38c/0x4a0 [hydcu]
localhost kernel: ? kfd_ioctl_set_trap_handler+0x70/0x70 [hydcu]
localhost kernel: ? kfd_ioctl_create_queue+0x5a0/0x5a0 [hydcu]
localhost kernel: ? ftrace_graph_caller+0xa0/0xa0
localhost kernel: __x64_sys_ioctl+0x8e/0xd0
localhost kernel: ? syscall_trace_enter.isra.18+0x143/0x1b0
localhost kernel: do_syscall_64+0x33/0x80
localhost kernel: entry_SYSCALL_64_after_hwframe+0x44/0xa9
localhost kernel: RIP: 0033:0x152a4dff68d7

Allocate the structure with kcalloc, and remove the redundant 0-initialization and a redundant loop condition check.

AI-Powered Analysis

Last updated: 07/01/2025, 04:11:44 UTC

Technical Analysis

CVE-2023-53090 is a vulnerability in the Linux kernel's AMD Kernel Fusion Driver (amdkfd), part of the Direct Rendering Manager (DRM) subsystem. The flaw is in kfd_wait_on_events(): the array of kfd_event_waiter structures is allocated by alloc_event_waiters(), but the 'event' field of each waiter is never initialized. When the copy_from_user() call in kfd_wait_on_events() fails, the function takes its error path and calls free_waiters() to release the waiters allocated earlier. free_waiters() reads each waiter's 'event' field, and because that field still holds whatever the allocator left in memory, the cleanup dereferences a stale pointer and crashes the kernel. The crash log in the description shows this: the fault lands in native_queued_spin_lock_slowpath, reached through remove_wait_queue() from kfd_wait_on_events(). The root cause is therefore a read of uninitialized memory on an error path, triggered by a failed copy from user space. The fix allocates the structure with kcalloc, so the memory is zeroed and 'event' is NULL until it is explicitly set, and removes the explicit zero-initialization and loop condition check that this makes redundant. The vulnerability affects the Linux kernel versions identified by the commit hashes given in the CVE record and impacts systems using the AMD GPU driver stack. No exploits are known in the wild, but the flaw can cause denial of service through kernel crashes. The issue is low-level, involving kernel memory management and driver event handling.
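The error path described above, modelled in user-space C as an added example (this is not kernel code and not part of the advisory): the struct and function names mirror the kernel's, but the bodies are simplified stand-ins, and the 0xAA poisoning in kmalloc_array_model() stands in for whatever a non-zeroing allocator happened to return. The model counts, rather than dereferences, the stale pointers the cleanup would follow.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* User-space model of the amdkfd waiter (hypothetical stand-ins, not kernel code). */
struct kfd_event;                        /* opaque here: never dereferenced */
struct kfd_event_waiter { struct kfd_event *event; bool activated; };

/* Stand-in for kmalloc_array(): not zeroed. Poisoned with 0xAA so the stale-pointer
 * case is deterministic rather than dependent on whatever the heap held before. */
static void *kmalloc_array_model(size_t n, size_t size)
{
    void *p = malloc(n * size);
    if (p) memset(p, 0xAA, n * size);
    return p;
}

/* Pre-fix allocator: sets 'activated' but leaves 'event' uninitialized. */
struct kfd_event_waiter *alloc_event_waiters_vuln(uint32_t num_events)
{
    struct kfd_event_waiter *w = kmalloc_array_model(num_events, sizeof(*w));
    for (uint32_t i = 0; w && i < num_events; i++)
        w[i].activated = false;
    return w;
}
/* Post-fix allocator: kcalloc-style zeroing, so every 'event' starts as NULL. */
struct kfd_event_waiter *alloc_event_waiters_fixed(uint32_t num_events)
{
    return calloc(num_events, sizeof(struct kfd_event_waiter));
}

/* Model of free_waiters(): the kernel calls remove_wait_queue(&w[i].event->wq, ...)
 * for every non-NULL event. Rather than dereference, this returns how many waiters
 * the cleanup would have followed; any count > 0 is the crash in the description. */
int free_waiters_model(struct kfd_event_waiter *w, uint32_t num_events)
{
    int followed = 0;
    for (uint32_t i = 0; i < num_events; i++)
        if (w[i].event) followed++;
    free(w);
    return followed;
}
/* kfd_wait_on_events() when copy_from_user() fails straight after allocation: no
 * event was ever bound, so a correct error path must follow zero pointers. */
int failed_wait_model(uint32_t num_events, bool fixed)
{
    struct kfd_event_waiter *w = fixed ? alloc_event_waiters_fixed(num_events)
                                       : alloc_event_waiters_vuln(num_events);
    return w ? free_waiters_model(w, num_events) : -1;
}
```

With the pre-fix allocator every waiter looks bound (the count equals num_events), which is exactly the condition under which the real free_waiters() walks into garbage; with zeroed memory the count is 0.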

Potential Impact

For European organizations, this vulnerability poses a risk primarily to systems running Linux kernels with AMD GPU support, particularly those using the amdkfd driver. The impact is mainly a denial of service (DoS) condition caused by kernel crashes due to illegal memory access. This can disrupt critical services, especially in environments relying on Linux servers for compute, graphics processing, or HPC workloads that utilize AMD GPUs. Organizations in sectors such as finance, research, telecommunications, and public administration that deploy Linux-based infrastructure with AMD hardware could experience system instability or outages. Although the vulnerability does not appear to allow privilege escalation or remote code execution, the resulting crashes can lead to loss of availability and potential operational disruption. Given the kernel-level nature, recovery may require system reboots and patch deployment. The absence of known exploits reduces immediate risk, but the vulnerability should be addressed promptly to prevent potential exploitation or accidental triggering.

Mitigation Recommendations

European organizations should prioritize updating their Linux kernels to versions that include the patch for CVE-2023-53090. Specifically, ensure that the kernel version incorporates the fix where the kfd_event_waiter structure is allocated with kcalloc, guaranteeing zero-initialization of the 'event' field. System administrators should audit their Linux systems to identify those running AMD GPU drivers (amdkfd) and verify kernel versions against the patched commits. In environments where immediate patching is not feasible, consider isolating affected systems or limiting user access to reduce the chance of triggering the vulnerability. Monitoring kernel logs for signs of crashes related to kfd_wait_on_events or native_queued_spin_lock_slowpath can help detect exploitation attempts or accidental triggers. Additionally, coordinate with hardware vendors and Linux distribution maintainers to receive timely updates and advisories. Implementing robust backup and recovery procedures will mitigate downtime caused by potential crashes. Finally, educating system operators about this vulnerability and its symptoms will improve incident response readiness.


Technical Details

Data Version: 5.1
Assigner Short Name: Linux
Date Reserved: 2025-05-02T15:51:43.551Z
CISA Enriched: false
CVSS Version: null
State: PUBLISHED

Threat ID: 682d9830c4522896dcbe6f42

Added to database: 5/21/2025, 9:09:04 AM

Last enriched: 7/1/2025, 4:11:44 AM

Last updated: 7/31/2025, 11:18:33 AM
