CVE-2023-53151
📋 TL;DR
A denial-of-service vulnerability in the Linux kernel's RAID10 implementation allows unprivileged local users to trigger a soft lockup by writing large amounts of data. This affects systems using software RAID10 arrays, potentially causing system hangs and requiring manual intervention. The vulnerability is specific to the md/raid10 module in the kernel.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Complete system lockup requiring hard reboot, potential data corruption if writes are interrupted, and extended service disruption.
Likely Case
Temporary system unresponsiveness during heavy write operations, degraded RAID performance, and watchdog-triggered reboots.
If Mitigated
Minor performance impact with occasional scheduler yields during heavy write operations.
🎯 Exploit Status
Requires local access and ability to generate sustained heavy write operations to RAID10 arrays. Not remotely exploitable.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions containing commits from git.kernel.org references
Vendor Advisory: https://git.kernel.org/stable/c/00ecb6fa67c0f772290c5ea5ae8b46eefd503b83
Restart Required: No
Instructions:
1. Update Linux kernel to patched version from your distribution vendor. 2. For custom kernels, apply commit 00ecb6fa67c0f772290c5ea5ae8b46eefd503b83 or related patches. 3. Rebuild and install kernel if compiling from source.
🔧 Temporary Workarounds
Limit write operations
linuxImplement I/O throttling or rate limiting on RAID10 arrays to prevent excessive write bursts
echo '1000' > /sys/block/mdX/md/group_thread_cnt
ionice -c3 -p <process_id>
Monitor and restart hung arrays
linuxImplement monitoring for soft lockups and automatic array recovery
watchdog -t 30 /dev/watchdog
echo 1 > /proc/sys/kernel/softlockup_panic
🧯 If You Can't Patch
- Migrate critical data from RAID10 to RAID1 which has existing cond_resched() calls
- Implement strict access controls to prevent unprivileged users from writing to RAID arrays
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if using RAID10 arrays: cat /proc/mdstat and uname -rCheck Version:
uname -rVerify Fix Applied:
Verify kernel version includes fix commits or test with write-intensive operations on RAID10 arrays📡 Detection & Monitoring
Log Indicators:
- kernel: BUG: soft lockup - CPU# stuck
- kernel: md0_raid10: watchdog timeout
- system logs showing RAID array hangs
Network Indicators:
- N/A - local vulnerability
SIEM Query:
source="kernel" AND "soft lockup" AND "raid10"🔗 References
- https://git.kernel.org/stable/c/00ecb6fa67c0f772290c5ea5ae8b46eefd503b83
- https://git.kernel.org/stable/c/010444623e7f4da6b4a4dd603a7da7469981e293
- https://git.kernel.org/stable/c/1d467e10507167eb6dc2c281a87675b731955d86
- https://git.kernel.org/stable/c/634daf6b2c81015cc5e28bf694a6a94a50c641cd
- https://git.kernel.org/stable/c/84a578961b2566e475bfa8740beaf0abcc781a6f
- https://git.kernel.org/stable/c/d0345f7c7dbc5d42e4e6f1db99c1c1879d7b0eb5
- https://git.kernel.org/stable/c/f45b2fa7678ab385299de345f7e85d05caea386b
- https://git.kernel.org/stable/c/fbf50184190d55f8717bd29aa9530c399be96f30
