CVE-2023-52872 – A race condition in the Linux kernel's GSM mult... (How to Fix)

Q: What is the severity of CVE-2023-52872?

CVE-2023-52872 has a CVSS score of 5.5 (MEDIUM). A race condition in the Linux kernel's GSM multiplexer driver (n_gsm) can cause a kernel panic when cleaning up dead connections. This vulnerability allows local attackers to crash the system by triggering status line changes during cleanup procedures. Systems using GSM modem functionality through the n_gsm driver are affected.

📋 TL;DR

A race condition in the Linux kernel's GSM multiplexer driver (n_gsm) can cause a kernel panic when cleaning up dead connections. This vulnerability allows local attackers to crash the system by triggering status line changes during cleanup procedures. Systems using GSM modem functionality through the n_gsm driver are affected.

💻 Affected Systems

Products:

Linux kernel

Versions: Kernel versions with n_gsm driver before the fix commits

Operating Systems: Linux distributions using affected kernel versions

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects systems using GSM modem functionality via n_gsm driver. Most desktop/workstation systems are unaffected unless using GSM modems.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic leading to system crash and denial of service, potentially causing data loss or service disruption.

🟠

Likely Case

Local denial of service through system crash, requiring reboot to restore functionality.

🟢

If Mitigated

Minimal impact with proper kernel patching and restricted local access.

🌐 Internet-Facing: LOW - Requires local access to exploit, not remotely exploitable.

🏢 Internal Only: MEDIUM - Local attackers with user privileges can cause system crashes.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local access and knowledge of GSM modem operations. Race condition exploitation can be challenging.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing commits: 19d34b73234af542cc8a218cf398dee73cdb1890, 3a75b205de43365f80a33b98ec9289785da56243, 81a4dd5e6c78f5d8952fa8c9d36565db1fe01444, ce4df90333c4fe65acb8b5089fdfe9b955ce976a, df6cfab66ff2a44bd23ad5dd5309cb3421bb6593

Vendor Advisory: https://git.kernel.org/stable/c/

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution's repositories. 2. Reboot system to load new kernel. 3. Verify kernel version after reboot.

🔧 Temporary Workarounds

Disable n_gsm module

linux

Prevent loading of vulnerable n_gsm driver if GSM modem functionality is not required

echo 'blacklist n_gsm' >> /etc/modprobe.d/blacklist.conf
rmmod n_gsm

🧯 If You Can't Patch

Restrict local user access to systems using GSM modem functionality
Implement strict access controls and monitor for abnormal system crashes

🔍 How to Verify

Check if Vulnerable:

Check if n_gsm module is loaded: lsmod | grep n_gsm. Check kernel version against patched versions.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is updated and n_gsm module version matches patched kernel. Check system logs for crash reports.

📡 Detection & Monitoring

Log Indicators:

Kernel panic messages in /var/log/kern.log or dmesg
System crash/reboot events
GSM modem error messages

Network Indicators:

None - local vulnerability only

SIEM Query:

source="kernel" AND ("panic" OR "Oops" OR "n_gsm")

📊 Metadata

CVE ID: CVE-2023-52872

CVSS v3 Score: 5.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-362

Published: May 21, 2024

Last Updated: April 2, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-52872, you might also want to check these: