{ "schema_version": "1.4.0", "id": "GHSA-4hgc-47xp-7m5f", "modified": "2025-09-15T15:31:24Z", "published": "2025-09-15T15:31:24Z", "aliases": [ "CVE-2023-53189" ], "details": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6/addrconf: fix a potential refcount underflow for idev\n\nNow in addrconf_mod_rs_timer(), reference idev depends on whether\nrs_timer is not pending. Then modify rs_timer timeout.\n\nThere is a time gap in [1], during which if the pending rs_timer\nbecomes not pending. It will miss to hold idev, but the rs_timer\nis activated. Thus rs_timer callback function addrconf_rs_timer()\nwill be executed and put idev later without holding idev. A refcount\nunderflow issue for idev can be caused by this.\n\n\tif (!timer_pending(&idev->rs_timer))\n\t\tin6_dev_hold(idev);\n\t\t <--------------[1]\n\tmod_timer(&idev->rs_timer, jiffies + when);\n\nTo fix the issue, hold idev if mod_timer() return 0.", "severity": [], "affected": [], "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-53189" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/06a0716949c22e2aefb648526580671197151acc" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/1f656e483eb4733d62f18dfb206a49b78f60f495" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/2ad31ce40e8182860b631e37209e93e543790b7c" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/436b7cc7eae7851c184b671ed7a4a64c750b86f7" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/82abd1c37d3bf2a2658b34772c17a25a6f9cca42" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/c6395e32935d35e6f935e7caf1c2dac5a95943b4" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/c7eeba47058532f6077d6a658e38b6698f6ae71a" }, { "type": "WEB", "url": "https://git.kernel.org/stable/c/df62fdcd004afa72ecbed0e862ebb983acd3aa57" } ], "database_specific": { "cwe_ids": [], "severity": null, "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2025-09-15T14:15:41Z" } }