{
  "threat_severity" : "Moderate",
  "public_date" : "2025-05-02T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: igb: revert rtnl_lock() that causes deadlock",
    "id" : "2363748",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2363748"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nigb: revert rtnl_lock() that causes deadlock\nThe commit 6faee3d4ee8b (\"igb: Add lock to avoid data race\") adds\nrtnl_lock to eliminate a false data race shown below\n(FREE from device detaching)      |   (USE from netdev core)\nigb_remove                         |  igb_ndo_get_vf_config\nigb_disable_sriov                 |  vf >= adapter->vfs_allocated_count?\nkfree(adapter->vf_data)          |\nadapter->vfs_allocated_count = 0 |\n|    memcpy(... adapter->vf_data[vf]\nThe above race will never happen and the extra rtnl_lock causes deadlock\nbelow\n[  141.420169]  <TASK>\n[  141.420672]  __schedule+0x2dd/0x840\n[  141.421427]  schedule+0x50/0xc0\n[  141.422041]  schedule_preempt_disabled+0x11/0x20\n[  141.422678]  __mutex_lock.isra.13+0x431/0x6b0\n[  141.423324]  unregister_netdev+0xe/0x20\n[  141.423578]  igbvf_remove+0x45/0xe0 [igbvf]\n[  141.423791]  pci_device_remove+0x36/0xb0\n[  141.423990]  device_release_driver_internal+0xc1/0x160\n[  141.424270]  pci_stop_bus_device+0x6d/0x90\n[  141.424507]  pci_stop_and_remove_bus_device+0xe/0x20\n[  141.424789]  pci_iov_remove_virtfn+0xba/0x120\n[  141.425452]  sriov_disable+0x2f/0xf0\n[  141.425679]  igb_disable_sriov+0x4e/0x100 [igb]\n[  141.426353]  igb_remove+0xa0/0x130 [igb]\n[  141.426599]  pci_device_remove+0x36/0xb0\n[  141.426796]  device_release_driver_internal+0xc1/0x160\n[  141.427060]  driver_detach+0x44/0x90\n[  141.427253]  bus_remove_driver+0x55/0xe0\n[  141.427477]  pci_unregister_driver+0x2a/0xa0\n[  141.428296]  __x64_sys_delete_module+0x141/0x2b0\n[  141.429126]  ? mntput_no_expire+0x4a/0x240\n[  141.429363]  ? syscall_trace_enter.isra.19+0x126/0x1a0\n[  141.429653]  do_syscall_64+0x5b/0x80\n[  141.429847]  ? exit_to_user_mode_prepare+0x14d/0x1c0\n[  141.430109]  ? syscall_exit_to_user_mode+0x12/0x30\n[  141.430849]  ? do_syscall_64+0x67/0x80\n[  141.431083]  ? syscall_exit_to_user_mode_prepare+0x183/0x1b0\n[  141.431770]  ? syscall_exit_to_user_mode+0x12/0x30\n[  141.432482]  ? do_syscall_64+0x67/0x80\n[  141.432714]  ? exc_page_fault+0x64/0x140\n[  141.432911]  entry_SYSCALL_64_after_hwframe+0x72/0xdc\nSince the igb_disable_sriov() will call pci_disable_sriov() before\nreleasing any resources, the netdev core will synchronize the cleanup to\navoid any races. This patch removes the useless rtnl_(un)lock to guarantee\ncorrectness." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2023-11-14T00:00:00Z",
    "advisory" : "RHSA-2023:7077",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "kernel-0:4.18.0-513.5.1.el8_9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2023-11-07T00:00:00Z",
    "advisory" : "RHSA-2023:6583",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-362.8.1.el9_3"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2023-11-07T00:00:00Z",
    "advisory" : "RHSA-2023:6583",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "kernel-0:5.14.0-362.8.1.el9_3"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Fix deferred",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Fix deferred",
    "package_name" : "kernel-rt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2023-53060\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-53060\nhttps://lore.kernel.org/linux-cve-announce/2025050209-CVE-2023-53060-7b1c@gregkh/T" ],
  "name" : "CVE-2023-53060",
  "csaw" : false
}