CVE-2023-54268
Unknown Unknown - Not Provided
Lockdep Warning in Linux Kernel debugobjects Causes Deadlock Risk

Publication date: 2025-12-30

Last updated on: 2025-12-30

Assigner: kernel.org

Description
In the Linux kernel, the following vulnerability has been resolved: debugobjects: Don't wake up kswapd from fill_pool() syzbot is reporting a lockdep warning in fill_pool() because the allocation from debugobjects is using GFP_ATOMIC, which is (__GFP_HIGH | __GFP_KSWAPD_RECLAIM) and therefore tries to wake up kswapd, which acquires kswapd_wait::lock. Since fill_pool() might be called with arbitrary locks held, fill_pool() should not assume that acquiring kswapd_wait::lock is safe. Use __GFP_HIGH instead and remove __GFP_NORETRY as it is pointless for !__GFP_DIRECT_RECLAIM allocation.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-30
Last Modified
2025-12-30
Generated
2026-06-16
AI Q&A
2025-12-30
EPSS Evaluated
2026-06-15
NVD
CVE-2023-54268
EUVD
EUVD-2023-60373
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
linux linux_kernel *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-UNKNOWN
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability in the Linux kernel involves the debugobjects component where the fill_pool() function uses GFP_ATOMIC allocation flags that can wake up the kswapd process. This is problematic because fill_pool() might be called while arbitrary locks are held, and waking up kswapd requires acquiring a lock (kswapd_wait::lock) that may not be safe to acquire in that context. The fix involves changing the allocation flags to __GFP_HIGH and removing __GFP_NORETRY to avoid waking up kswapd and prevent potential lock dependency issues.

Impact Analysis

This vulnerability can lead to lock dependency warnings and potentially unsafe locking behavior in the Linux kernel, which might cause system instability or deadlocks if fill_pool() is called with locks held and kswapd is woken up improperly. This could affect system reliability and performance.

Mitigation Strategies

The vulnerability has been resolved by modifying the Linux kernel code to avoid waking up kswapd from fill_pool() when it is unsafe. To mitigate this vulnerability, you should update your Linux kernel to a version that includes this fix where fill_pool() uses __GFP_HIGH instead of GFP_ATOMIC and removes __GFP_NORETRY for the relevant allocations.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-54268. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart