CVE-2023-53622
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-07

Last updated on: 2026-02-05

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix possible data races in gfs2_show_options() Some fields such as gt_logd_secs of the struct gfs2_tune are accessed without holding the lock gt_spin in gfs2_show_options(): val = sdp->sd_tune.gt_logd_secs; if (val != 30) seq_printf(s, ",commit=%d", val); And thus can cause data races when gfs2_show_options() and other functions such as gfs2_reconfigure() are concurrently executed: spin_lock(&gt->gt_spin); gt->gt_logd_secs = newargs->ar_commit; To fix these possible data races, the lock sdp->sd_tune.gt_spin is acquired before accessing the fields of gfs2_tune and released after these accesses. Further changes by Andreas: - Don't hold the spin lock over the seq_printf operations.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-07
Last Modified
2026-02-05
Generated
2026-06-16
AI Q&A
2025-10-07
EPSS Evaluated
2026-06-15
NVD
CVE-2023-53622
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel From 5.15.160 (inc) to 5.16 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-362 The product contains a concurrent code sequence that requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence operating concurrently.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability in the Linux kernel's gfs2 filesystem involves possible data races in the function gfs2_show_options(). Specifically, certain fields of the gfs2_tune structure, like gt_logd_secs, are accessed without proper locking (gt_spin), which can lead to concurrent access issues when gfs2_show_options() and other functions like gfs2_reconfigure() run simultaneously. The fix involves acquiring the appropriate spin lock before accessing these fields to prevent data races.

Impact Analysis

This vulnerability can cause data races in the gfs2 filesystem, potentially leading to inconsistent or corrupted data being read or written when multiple functions access shared data concurrently without proper synchronization. This could affect system stability or data integrity on systems using the affected Linux kernel version.

Mitigation Strategies

Apply the patch or update to a Linux kernel version where the gfs2 data race issue in gfs2_show_options() has been fixed. This involves ensuring that the kernel acquires the appropriate spin lock (sdp->sd_tune.gt_spin) before accessing gfs2_tune fields to prevent data races.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-53622. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart