DEBIAN-CVE-2023-53615

DEBIAN-CVE-2023-53615 PUBLISHED CVSS 4.699999809265137 MEDIUM

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix deletion race condition System crash when using debug kernel due to link list corruption. The cause of the link list corruption is due to session deletion was allowed to queue up twice. Here's the internal trace that show the same port was allowed to double queue for deletion on different cpu. 20808683956 015 qla2xxx [0000:13:00.1]-e801:4: Scheduling sess ffff93ebf9306800 for deletion 50:06:0e:80:12:48:ff:50 fc4_type 1 20808683957 027 qla2xxx [0000:13:00.1]-e801:4: Scheduling sess ffff93ebf9306800 for deletion 50:06:0e:80:12:48:ff:50 fc4_type 1 Move the clearing/setting of deleted flag lock.

Risk Scores

CVSS v3.1

4.699999809265137

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products

Vendor	Product	Versions
Debian:13	linux	0, 0, 0
Debian:12	linux	6.1.55-1~bpo11+1, 6.1.38-4, 6.1.38-1
Debian:14	linux	0, 0, 0
Debian:11	linux	5.10.120-1, 5.10.127-1, 5.10.127-2

Timeline

Oct 4, 2025 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2023-53615 advisory

Open in Interactive Console →