CVE-2023-53850
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-09

Last updated on: 2025-12-09

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: iavf: use internal state to free traffic IRQs If the system tries to close the netdev while iavf_reset_task() is running, __LINK_STATE_START will be cleared and netif_running() will return false in iavf_reinit_interrupt_scheme(). This will result in iavf_free_traffic_irqs() not being called and a leak as follows: [7632.489326] remove_proc_entry: removing non-empty directory 'irq/999', leaking at least 'iavf-enp24s0f0v0-TxRx-0' [7632.490214] WARNING: CPU: 0 PID: 10 at fs/proc/generic.c:718 remove_proc_entry+0x19b/0x1b0 is shown when pci_disable_msix() is later called. Fix by using the internal adapter state. The traffic IRQs will always exist if state == __IAVF_RUNNING.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-09
Last Modified
2025-12-09
Generated
2026-06-16
AI Q&A
2025-12-09
EPSS Evaluated
2026-06-15
NVD
CVE-2023-53850
EUVD
EUVD-2023-60146
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
intel iavf *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability occurs in the Linux kernel's iavf driver where, if the system attempts to close the network device while the iavf_reset_task() is running, a certain internal state (__LINK_STATE_START) is cleared prematurely. This causes netif_running() to return false in iavf_reinit_interrupt_scheme(), which prevents the function iavf_free_traffic_irqs() from being called. As a result, traffic IRQs (interrupt requests) are not freed properly, leading to a resource leak and warning messages related to non-empty directories and CPU warnings during pci_disable_msix() calls. The fix involves using the internal adapter state to ensure traffic IRQs are always freed when the adapter state is __IAVF_RUNNING.

Impact Analysis

This vulnerability can lead to resource leaks in the system, specifically leaking traffic IRQs when closing the network device. This can cause warnings and potentially degrade system stability or performance over time due to unreleased resources. It may also complicate system maintenance or troubleshooting due to the warning messages generated.

Detection Guidance

This vulnerability can be detected by monitoring system logs for specific warning messages related to the iavf driver. Look for kernel log entries similar to: '[timestamp] remove_proc_entry: removing non-empty directory 'irq/999', leaking at least 'iavf-enp24s0f0v0-TxRx-0'' and warnings like 'WARNING: CPU: 0 PID: 10 at fs/proc/generic.c:718 remove_proc_entry+0x19b/0x1b0'. You can use the command 'dmesg | grep iavf' or 'journalctl -k | grep iavf' to find such messages.

Mitigation Strategies

Immediate mitigation involves updating the Linux kernel to a version where this vulnerability is fixed. The fix ensures that traffic IRQs are properly freed by using the internal adapter state. Until the update is applied, monitor for the warning messages and avoid closing the netdev interface while iavf_reset_task() is running to prevent IRQ leaks.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-53850. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart