CVE-2023-53730

一、漏洞信息
 漏洞编号：[CVE-2023-53730](https://nvd.nist.gov/vuln/detail/CVE-2023-53730)
 漏洞归属组件：[kernel](https://gitee.com/src-openeuler/kernel)
 漏洞归属的版本：4.19.140,4.19.194,4.19.90,5.10.0,6.1.19,6.4.0,6.6.0
 CVSS V3.0分值：
  BaseScore：N/A None
  Vector：CVSS：3.0/
 漏洞简述：
  In the Linux kernel, the following vulnerability has been resolved:blk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_costadjust_inuse_and_calc_cost() use spin_lock_irq() and IRQ will be enabledwhen unlock. DEADLOCK might happen if we have held other locks and disabledIRQ before invoking it.Fix it by using spin_lock_irqsave() instead, which can keep IRQ stateconsistent with before when unlock.  ================================  WARNING: inconsistent lock state  5.10.0-02758-g8e5f91fd772f #26 Not tainted  --------------------------------  inconsistent {IN-HARDIRQ-W} -> {HARDIRQ-ON-W} usage.  kworker/2:3/388 [HC0[0]:SC0[0]:HE0:SE1] takes:  ffff888118c00c28 (&bfqd->lock){?.-.}-{2:2}, at: spin_lock_irq  ffff888118c00c28 (&bfqd->lock){?.-.}-{2:2}, at: bfq_bio_merge+0x141/0x390  {IN-HARDIRQ-W} state was registered at:    __lock_acquire+0x3d7/0x1070    lock_acquire+0x197/0x4a0    __raw_spin_lock_irqsave    _raw_spin_lock_irqsave+0x3b/0x60    bfq_idle_slice_timer_body    bfq_idle_slice_timer+0x53/0x1d0    __run_hrtimer+0x477/0xa70    __hrtimer_run_queues+0x1c6/0x2d0    hrtimer_interrupt+0x302/0x9e0    local_apic_timer_interrupt    __sysvec_apic_timer_interrupt+0xfd/0x420    run_sysvec_on_irqstack_cond    sysvec_apic_timer_interrupt+0x46/0xa0    asm_sysvec_apic_timer_interrupt+0x12/0x20  irq event stamp: 837522  hardirqs last  enabled at (837521): [<ffffffff84b9419d>] __raw_spin_unlock_irqrestore  hardirqs last  enabled at (837521): [<ffffffff84b9419d>] _raw_spin_unlock_irqrestore+0x3d/0x40  hardirqs last disabled at (837522): [<ffffffff84b93fa3>] __raw_spin_lock_irq  hardirqs last disabled at (837522): [<ffffffff84b93fa3>] _raw_spin_lock_irq+0x43/0x50  softirqs last  enabled at (835852): [<ffffffff84e00558>] __do_softirq+0x558/0x8ec  softirqs last disabled at (835845): [<ffffffff84c010ff>] asm_call_irq_on_stack+0xf/0x20  other info that might help us debug this:   Possible unsafe locking scenario:         CPU0         ----    lock(&bfqd->lock);    <Interrupt>      lock(&bfqd->lock);   *** DEADLOCK ***  3 locks held by kworker/2:3/388:   #0: ffff888107af0f38 ((wq_completion)kthrotld){+.+.}-{0:0}, at: process_one_work+0x742/0x13f0   #1: ffff8881176bfdd8 ((work_completion)(&td->dispatch_work)){+.+.}-{0:0}, at: process_one_work+0x777/0x13f0   #2: ffff888118c00c28 (&bfqd->lock){?.-.}-{2:2}, at: spin_lock_irq   #2: ffff888118c00c28 (&bfqd->lock){?.-.}-{2:2}, at: bfq_bio_merge+0x141/0x390  stack backtrace:  CPU: 2 PID: 388 Comm: kworker/2:3 Not tainted 5.10.0-02758-g8e5f91fd772f #26  Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014  Workqueue: kthrotld blk_throtl_dispatch_work_fn  Call Trace:   __dump_stack lib/dump_stack.c:77 [inline]   dump_stack+0x107/0x167   print_usage_bug   valid_state   mark_lock_irq.cold+0x32/0x3a   mark_lock+0x693/0xbc0   mark_held_locks+0x9e/0xe0   __trace_hardirqs_on_caller   lockdep_hardirqs_on_prepare.part.0+0x151/0x360   trace_hardirqs_on+0x5b/0x180   __raw_spin_unlock_irq   _raw_spin_unlock_irq+0x24/0x40   spin_unlock_irq   adjust_inuse_and_calc_cost+0x4fb/0x970   ioc_rqos_merge+0x277/0x740   __rq_qos_merge+0x62/0xb0   rq_qos_merge   bio_attempt_back_merge+0x12c/0x4a0   blk_mq_sched_try_merge+0x1b6/0x4d0   bfq_bio_merge+0x24a/0x390   __blk_mq_sched_bio_merge+0xa6/0x460   blk_mq_sched_bio_merge   blk_mq_submit_bio+0x2e7/0x1ee0   __submit_bio_noacct_mq+0x175/0x3b0   submit_bio_noacct+0x1fb/0x270   blk_throtl_dispatch_work_fn+0x1ef/0x2b0   process_one_work+0x83e/0x13f0   process_scheduled_works   worker_thread+0x7e3/0xd80   kthread+0x353/0x470   ret_from_fork+0x1f/0x30
 漏洞公开时间：2025-10-22 22:15:48
 漏洞创建时间：2025-10-22 22:25:34
 漏洞详情参考链接：
  https://nvd.nist.gov/vuln/detail/CVE-2023-53730
<details>
<summary>更多参考(点击展开)</summary>

| 参考来源 | 参考链接 | 来源链接 |
| ------- | -------- | -------- |
|  | https://git.kernel.org/stable/c/8563b58a4360e648ce18f0e98a75a4be51667431 |  |
|  | https://git.kernel.org/stable/c/eb120c0aff5ceab9c9c46b87f302465bbf2bbaed |  |
|  | https://git.kernel.org/stable/c/8d211554679d0b23702bd32ba04aeac0c1c4f660 |  |
|  | https://nvd.nist.gov/vuln/detail/CVE-2023-53730 |  |
|  | https://bugzilla.redhat.com/show_bug.cgi?id=2405738 |  |
|  | https://git.kernel.org/stable/c/8ceeb3fc86a83700bb1585c189006080a47e8506 |  |
|  | https://www.cve.org/CVERecord?id=CVE-2023-53730 |  |
|  | https://git.kernel.org/stable/c/9279a1b74ad98039d5d44d26b9e7a9cfe655b6d3 |  |
|  | https://lore.kernel.org/linux-cve-announce/2025102216-CVE-2023-53730-d257@gregkh/T |  |
|  | https://lore.kernel.org/linux-cve-announce/2025102216-CVE-2023-53730-d257@gregkh/T/#u |  |
|  | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-53730 |  |
|  | https://git.kernel.org/stable/c/3376c4fe2db4aea2dc721a27a999c41fdb45b54f |  |

</details>

漏洞分析指导链接：
  https://gitee.com/openeuler/cve-manager/blob/master/cve-vulner-manager/doc/md/manual.md
 漏洞数据来源:
  七彩瞬析开源风险感知平台
 漏洞补丁信息：
  <details>
<summary>详情(点击展开)</summary>

| 影响的包 | 修复版本 | 修复补丁 | 问题引入补丁 | 来源  |
| ------- | -------- | ------- | -------- | --------- |
| gregkh/linux |  | https://git.kernel.org/stable/c/8563b58a4360e648ce18f0e98a75a4be51667431 |  | ljqc |
| gregkh/linux |  | https://git.kernel.org/stable/c/eb120c0aff5ceab9c9c46b87f302465bbf2bbaed |  | ljqc |
| gregkh/linux |  | https://git.kernel.org/stable/c/8ceeb3fc86a83700bb1585c189006080a47e8506 |  | ljqc |
| gregkh/linux |  | https://git.kernel.org/stable/c/9279a1b74ad98039d5d44d26b9e7a9cfe655b6d3 |  | ljqc |
| gregkh/linux |  | https://git.kernel.org/stable/c/3376c4fe2db4aea2dc721a27a999c41fdb45b54f |  | ljqc |
| gregkh/linux |  | https://git.kernel.org/stable/c/8d211554679d0b23702bd32ba04aeac0c1c4f660 |  | ljqc |
|  |  | https://git.kernel.org/stable/c/8563b58a4360e648ce18f0e98a75a4be51667431 |  | cvelistv5 |
|  |  | https://git.kernel.org/stable/c/eb120c0aff5ceab9c9c46b87f302465bbf2bbaed |  | cvelistv5 |
|  |  | https://git.kernel.org/stable/c/8d211554679d0b23702bd32ba04aeac0c1c4f660 |  | cvelistv5 |
|  |  | https://git.kernel.org/stable/c/8ceeb3fc86a83700bb1585c189006080a47e8506 |  | cvelistv5 |
|  |  | https://git.kernel.org/stable/c/9279a1b74ad98039d5d44d26b9e7a9cfe655b6d3 |  | cvelistv5 |
|  |  | https://git.kernel.org/stable/c/3376c4fe2db4aea2dc721a27a999c41fdb45b54f |  | cvelistv5 |

</details>

二、漏洞分析结构反馈
 影响性分析说明：
                            In the Linux kernel, the following vulnerability has been resolved:blk-iocost: use spin_lock_irqsave in adjust_inuse_and_calc_costadjust_inuse_and_calc_cost() use spin_lock_irq() and IRQ will be enabledwhen unlock. DEADLOCK might happen if we have held other locks and disabledIRQ before invoking it.Fix it by using spin_lock_irqsave() instead, which can keep IRQ stateconsistent with before when unlock.  ================================  WARNING: inconsistent lock state  5.10.0-02758-g8e5f91fd772f #26 Not tainted  --------------------------------  inconsistent {IN-HARDIRQ-W} -&gt; {HARDIRQ-ON-W} usage.  kworker/2:3/388 [HC0[0]:SC0[0]:HE0:SE1] takes:  ffff888118c00c28 (&#38;bfqd-&gt;lock){?.-.}-{2:2}, at: spin_lock_irq  ffff888118c00c28 (&#38;bfqd-&gt;lock){?.-.}-{2:2}, at: bfq_bio_merge+0x141/0x390  {IN-HARDIRQ-W} state was registered at:    __lock_acquire+0x3d7/0x1070    lock_acquire+0x197/0x4a0    __raw_spin_lock_irqsave    _raw_spin_lock_irqsave+0x3b/0x60    bfq_idle_slice_timer_body    bfq_idle_slice_timer+0x53/0x1d0    __run_hrtimer+0x477/0xa70    __hrtimer_run_queues+0x1c6/0x2d0    hrtimer_interrupt+0x302/0x9e0    local_apic_timer_interrupt    __sysvec_apic_timer_interrupt+0xfd/0x420    run_sysvec_on_irqstack_cond    sysvec_apic_timer_interrupt+0x46/0xa0    asm_sysvec_apic_timer_interrupt+0x12/0x20  irq event stamp: 837522  hardirqs last  enabled at (837521): [&lt;ffffffff84b9419d&gt;] __raw_spin_unlock_irqrestore  hardirqs last  enabled at (837521): [&lt;ffffffff84b9419d&gt;] _raw_spin_unlock_irqrestore+0x3d/0x40  hardirqs last disabled at (837522): [&lt;ffffffff84b93fa3&gt;] __raw_spin_lock_irq  hardirqs last disabled at (837522): [&lt;ffffffff84b93fa3&gt;] _raw_spin_lock_irq+0x43/0x50  softirqs last  enabled at (835852): [&lt;ffffffff84e00558&gt;] __do_softirq+0x558/0x8ec  softirqs last disabled at (835845): [&lt;ffffffff84c010ff&gt;] asm_call_irq_on_stack+0xf/0x20  other info that might help us debug this:   Possible unsafe locking scenario:         CPU0         ----    lock(&#38;bfqd-&gt;lock);    &lt;Interrupt&gt;      lock(&#38;bfqd-&gt;lock);   *** DEADLOCK ***  3 locks held by kworker/2:3/388:   #0: ffff888107af0f38 ((wq_completion)kthrotld){+.+.}-{0:0}, at: process_one_work+0x742/0x13f0   #1: ffff8881176bfdd8 ((work_completion)(&#38;td-&gt;dispatch_work)){+.+.}-{0:0}, at: process_one_work+0x777/0x13f0   #2: ffff888118c00c28 (&#38;bfqd-&gt;lock){?.-.}-{2:2}, at: spin_lock_irq   #2: ffff888118c00c28 (&#38;bfqd-&gt;lock){?.-.}-{2:2}, at: bfq_bio_merge+0x141/0x390  stack backtrace:  CPU: 2 PID: 388 Comm: kworker/2:3 Not tainted 5.10.0-02758-g8e5f91fd772f #26  Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014  Workqueue: kthrotld blk_throtl_dispatch_work_fn  Call Trace:   __dump_stack lib/dump_stack.c:77 [inline]   dump_stack+0x107/0x167   print_usage_bug   valid_state   mark_lock_irq.cold+0x32/0x3a   mark_lock+0x693/0xbc0   mark_held_locks+0x9e/0xe0   __trace_hardirqs_on_caller   lockdep_hardirqs_on_prepare.part.0+0x151/0x360   trace_hardirqs_on+0x5b/0x180   __raw_spin_unlock_irq   _raw_spin_unlock_irq+0x24/0x40   spin_unlock_irq   adjust_inuse_and_calc_cost+0x4fb/0x970   ioc_rqos_merge+0x277/0x740   __rq_qos_merge+0x62/0xb0   rq_qos_merge   bio_attempt_back_merge+0x12c/0x4a0   blk_mq_sched_try_merge+0x1b6/0x4d0   bfq_bio_merge+0x24a/0x390   __blk_mq_sched_bio_merge+0xa6/0x460   blk_mq_sched_bio_merge   blk_mq_submit_bio+0x2e7/0x1ee0   __submit_bio_noacct_mq+0x175/0x3b0   submit_bio_noacct+0x1fb/0x270   blk_throtl_dispatch_work_fn+0x1ef/0x2b0   process_one_work+0x83e/0x13f0   process_scheduled_works   worker_thread+0x7e3/0xd80   kthread+0x353/0x470   ret_from_fork+0x1f/0x30The Linux kernel CVE team has assigned CVE-2023-53730 to this issue.             
 openEuler评分：
  5.5
 Vector：CVSS：3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
 受影响版本排查(受影响/不受影响)：
  1.openEuler-22.03-LTS-SP3(5.10.0):受影响
2.openEuler-22.03-LTS-SP4(5.10.0):受影响
3.master(6.12.33):不受影响
4.openEuler-20.03-LTS-SP4(4.19.90):不受影响
5.openEuler-24.03-LTS(6.6.0):不受影响
6.openEuler-24.03-LTS-Next(6.6.0):不受影响
7.openEuler-24.03-LTS-SP1(6.6.0):不受影响
8.openEuler-24.03-LTS-SP2(6.6.0):不受影响

修复是否涉及abi变化(是/否)：
  1.master(6.12.33):否
2.openEuler-20.03-LTS-SP4(4.19.90):否
3.openEuler-22.03-LTS-SP3(5.10.0):否
4.openEuler-22.03-LTS-SP4(5.10.0):否
5.openEuler-24.03-LTS(6.6.0):否
6.openEuler-24.03-LTS-Next(6.6.0):否
7.openEuler-24.03-LTS-SP1(6.6.0):否
8.openEuler-24.03-LTS-SP2(6.6.0):否

原因说明：
  1.openEuler-22.03-LTS-SP3(5.10.0):正常修复
2.openEuler-22.03-LTS-SP4(5.10.0):正常修复
3.master(6.12.33):不受影响-漏洞代码不能被攻击者触发
4.openEuler-24.03-LTS(6.6.0):不受影响-漏洞代码不能被攻击者触发
5.openEuler-24.03-LTS-Next(6.6.0):不受影响-漏洞代码不能被攻击者触发
6.openEuler-24.03-LTS-SP1(6.6.0):不受影响-漏洞代码不能被攻击者触发
7.openEuler-24.03-LTS-SP2(6.6.0):不受影响-漏洞代码不能被攻击者触发
8.openEuler-20.03-LTS-SP4(4.19.90):不受影响-漏洞代码不存在

src-openEuler/kernel

内容风险标识

评论 (7)

src-openEuler/kernel .gitee-modal { width: 500px !important; }

内容风险标识

CVE-2023-53730

评论 (7)

搜索帮助

src-openEuler/kernel