{"id":"CVE-2023-53461","summary":"io_uring: wait interruptibly for request completions on exit","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nio_uring: wait interruptibly for request completions on exit\n\nWHen the ring exits, cleanup is done and the final cancelation and\nwaiting on completions is done by io_ring_exit_work. That function is\ninvoked by kworker, which doesn't take any signals. Because of that, it\ndoesn't really matter if we wait for completions in TASK_INTERRUPTIBLE\nor TASK_UNINTERRUPTIBLE state. However, it does matter to the hung task\ndetection checker!\n\nNormally we expect cancelations and completions to happen rather\nquickly. Some test cases, however, will exit the ring and park the\nowning task stopped (eg via SIGSTOP). If the owning task needs to run\ntask_work to complete requests, then io_ring_exit_work won't make any\nprogress until the task is runnable again. Hence io_ring_exit_work can\ntrigger the hung task detection, which is particularly problematic if\npanic-on-hung-task is enabled.\n\nAs the ring exit doesn't take signals to begin with, have it wait\ninterruptibly rather than uninterruptibly. io_uring has a separate\nstuck-exit warning that triggers independently anyway, so we're not\nreally missing anything by making this switch.","modified":"2026-04-11T12:46:47.522678Z","published":"2025-10-01T11:42:32.525Z","related":["SUSE-SU-2025:03600-1","SUSE-SU-2025:03634-1","SUSE-SU-2025:20851-1","SUSE-SU-2025:20861-1","SUSE-SU-2025:20870-1","SUSE-SU-2025:20898-1","SUSE-SU-2025:3751-1","SUSE-SU-2025:4057-1","SUSE-SU-2025:4132-1","SUSE-SU-2025:4141-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53461.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/28e649dc9947e6525c95e32aa9a8e147925e3f56"},{"type":"WEB","url":"https://git.kernel.org/stable/c/4826c59453b3b4677d6bf72814e7ababdea86949"},{"type":"WEB","url":"https://git.kernel.org/stable/c/58e80cb68b057e974768792c34708c6957810486"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8e29835366138389bfad3b31ea06960d0a77bf77"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b50d6e06cca7b67a3d73ca660dda27662b76e6ea"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53461.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53461"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"2b188cc1bb857a9d4701ae59aa7768b5124e262e"},{"fixed":"28e649dc9947e6525c95e32aa9a8e147925e3f56"},{"fixed":"8e29835366138389bfad3b31ea06960d0a77bf77"},{"fixed":"b50d6e06cca7b67a3d73ca660dda27662b76e6ea"},{"fixed":"58e80cb68b057e974768792c34708c6957810486"},{"fixed":"4826c59453b3b4677d6bf72814e7ababdea86949"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53461.json"}},{"package":{"name":"Kernel","ecosystem":"Linux"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"5.1.0"},{"fixed":"5.10.188"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.11.0"},{"fixed":"5.15.121"}]},{"type":"ECOSYSTEM","events":[{"introduced":"5.16.0"},{"fixed":"6.1.39"}]},{"type":"ECOSYSTEM","events":[{"introduced":"6.2.0"},{"fixed":"6.4.4"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53461.json"}}],"schema_version":"1.7.5"}