CVE-2023-53590
📋 TL;DR
A denial-of-service vulnerability in the Linux kernel's SCTP implementation: freeing stream priorities could trigger a nested loop (up to 65535×65535 iterations), causing CPU soft lockups. It affects systems that use the SCTP protocol with the kernel's priority scheduler enabled. The vulnerability can be exploited locally or remotely by attackers with network access to SCTP services.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
⚠️ Risk & Real-World Impact
Worst Case
Complete system lockup requiring hard reboot, leading to extended service downtime and potential data loss.
Likely Case
Denial of service affecting SCTP services and potentially causing system instability or performance degradation.
If Mitigated
Minimal impact if SCTP is disabled or unused, or if systems are patched.
🎯 Exploit Status
Exploitation requires triggering SCTP stream priority cleanup. No public exploit code identified, but the vulnerability is well-documented in kernel commits.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Patches available in stable kernel branches (commits: 03c3a5584a0a29821e59b7834635ce823050caaa, 68ba44639537de6f91fe32783766322d41848127, 6d529928ea212127851a2df8c40d822237ca946b, 8ee401f89cdb10f39098c0656d695b2bc4052100, bf5540cbd20e2dae2c81ab9b31deef41ef147d0a)
Vendor Advisory: https://git.kernel.org/stable/c/03c3a5584a0a29821e59b7834635ce823050caaa
Restart Required: Yes
Instructions:
1. Update Linux kernel to patched version from your distribution's repositories.
2. Reboot system to load new kernel.
3. Verify kernel version matches patched release.
🔧 Temporary Workarounds
Disable SCTP kernel module
Prevent loading of SCTP kernel module if not required
echo 'install sctp /bin/true' >> /etc/modprobe.d/disable-sctp.conf
rmmod sctp 2>/dev/null || true
Block SCTP at firewall
Prevent SCTP network traffic from reaching vulnerable systems
iptables -A INPUT -p sctp -j DROP
iptables -A OUTPUT -p sctp -j DROP
🧯 If You Can't Patch
- Disable SCTP protocol entirely if not needed for business operations
- Implement network segmentation to isolate SCTP services from untrusted networks
🔍 How to Verify
Check if Vulnerable:
Check if SCTP module is loaded: lsmod | grep sctp. If loaded and kernel version is unpatched, system is vulnerable.
Check Version:
uname -r
Verify Fix Applied:
Check kernel version includes patched commits or is newer than vulnerable versions. Verify SCTP functions normally after patch.
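A scripted form of the module check above, as an added example that is not part of the original advisory. It matches the module name exactly in `/proc/modules` format (so `xt_sctp` alone does not count) and looks for the `install sctp /bin/true` override. The function names, state labels and fixture files are assumptions made for this example, and it assumes SCTP is built as a module rather than into the kernel.

```shell
#!/bin/sh
# Added example: classify a host's SCTP module state with exact-name matches.

# $1 = file in /proc/modules format, $2 = modprobe.d-style directory.
# Prints one of: loaded | blocked | not-blocked
sctp_module_state() {
    modules=${1:-/proc/modules}
    confdir=${2:-/etc/modprobe.d}
    # Column 1 of /proc/modules is the module name; compare it exactly so a
    # name that merely contains "sctp" (xt_sctp) is not counted.
    if awk '$1 == "sctp" { found = 1 } END { exit !found }' "$modules"; then
        # An install override does not unload a module already in memory,
        # so "loaded" wins even when the override file exists.
        echo loaded; return 0
    fi
    # The workaround from this page: an "install sctp /bin/true" line.
    # Commented-out lines do not match because field 1 is not "install".
    if cat "$confdir"/*.conf 2>/dev/null |
        awk '$1 == "install" && $2 == "sctp" && $3 == "/bin/true" { ok = 1 }
             END { exit !ok }'; then
        echo blocked; return 0
    fi
    echo not-blocked
}

# Constructed fixtures (not from a real host) covering the three outcomes.
demo_states() {
    d=$(mktemp -d) || return 1
    mkdir "$d/empty" "$d/conf"
    printf 'xt_sctp 16384 0 - Live 0x0\n' > "$d/mods_clean"
    printf 'xt_sctp 16384 0 - Live 0x0\nsctp 434176 4 - Live 0x0\n' > "$d/mods_sctp"
    printf '# workaround\ninstall sctp /bin/true\n' > "$d/conf/disable-sctp.conf"
    sctp_module_state "$d/mods_clean" "$d/empty"   # not-blocked
    sctp_module_state "$d/mods_clean" "$d/conf"    # blocked
    sctp_module_state "$d/mods_sctp"  "$d/conf"    # loaded
    rm -rf "$d"
}

demo_states
```

On a live host, call `sctp_module_state` with no arguments to read `/proc/modules` and `/etc/modprobe.d`; a result of `loaded` after applying the workaround means the `rmmod` step did not take effect.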
📡 Detection & Monitoring
Log Indicators:
- Kernel soft lockup messages in dmesg or /var/log/kern.log
- Watchdog timeout alerts
- High CPU usage by ksoftirqd processes
Network Indicators:
- Unusual SCTP traffic patterns
- Multiple SCTP connection attempts
SIEM Query:
source="kernel" AND "soft lockup" AND ("sctp" OR ("CPU#" AND "stuck"))
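The soft-lockup line and the `sctp_*` frames of its call trace are separate log lines, so a line-based match cannot tie them together. The following added example (not from the original advisory) groups each lockup report with the lines after it and reports only lockups whose trace contains an `sctp_*` symbol. The log lines are constructed, and the function names and the 40-line window are assumptions.

```shell
#!/bin/sh
# Added example: tie each kernel soft-lockup report to the call trace that
# follows it and report only those whose trace contains an sctp_* frame.

# Reads dmesg / kern.log text on stdin. $1 = how many lines after the
# lockup line to inspect (default 40). Prints "<cpu> <seconds> <symbol>".
find_sctp_lockups() {
    awk -v window="${1:-40}" '
    /soft lockup - CPU#[0-9]+ stuck for [0-9]+s/ {
        match($0, /CPU#[0-9]+/)
        cpu = substr($0, RSTART + 4, RLENGTH - 4)
        match($0, /stuck for [0-9]+s/)
        secs = substr($0, RSTART + 10, RLENGTH - 11)
        in_report = 1; seen = 0
        next
    }
    in_report {
        if (++seen > window) { in_report = 0; next }
        # The loaded-module list can name sctp_diag; it is not a stack frame.
        if ($0 ~ /Modules linked in:/) next
        if (match($0, /sctp_[A-Za-z0-9_]+/)) {
            print cpu, secs, substr($0, RSTART, RLENGTH)
            in_report = 0
        }
    }'
}

# Constructed sample log (not captured from a real system): one lockup
# outside SCTP, one whose trace runs through an sctp_* function.
sample_log() {
    cat <<'EOF'
[  100.000001] watchdog: BUG: soft lockup - CPU#1 stuck for 23s! [kworker/1:2:411]
[  100.000002] Modules linked in: sctp_diag sctp libcrc32c
[  100.000003] Call Trace:
[  100.000004]  native_queued_spin_lock_slowpath+0x1b0/0x1d0
[  100.000005]  _raw_spin_lock+0x1e/0x30
[  250.000001] watchdog: BUG: soft lockup - CPU#3 stuck for 22s! [ksoftirqd/3:30]
[  250.000002] Modules linked in: sctp_diag sctp libcrc32c
[  250.000003] Call Trace:
[  250.000004]  sctp_sched_prio_free+0x5c/0x120 [sctp]
[  250.000005]  sctp_stream_free+0x40/0x90 [sctp]
EOF
}

sample_log | find_sctp_lockups
```

Feed it real data with `dmesg | find_sctp_lockups` or by redirecting `/var/log/kern.log` to its standard input.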
🔗 References
- https://git.kernel.org/stable/c/03c3a5584a0a29821e59b7834635ce823050caaa
- https://git.kernel.org/stable/c/68ba44639537de6f91fe32783766322d41848127
- https://git.kernel.org/stable/c/6d529928ea212127851a2df8c40d822237ca946b
- https://git.kernel.org/stable/c/8ee401f89cdb10f39098c0656d695b2bc4052100
- https://git.kernel.org/stable/c/bf5540cbd20e2dae2c81ab9b31deef41ef147d0a
- https://git.kernel.org/stable/c/cec326443f01283ef68ea00c06ea073b1835a562