{"id":"CVE-2023-53577","summary":"bpf, cpumap: Make sure kthread is running before map update returns","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nbpf, cpumap: Make sure kthread is running before map update returns\n\nThe following warning was reported when running stress-mode enabled\nxdp_redirect_cpu with some RT threads:\n\n  ------------[ cut here ]------------\n  WARNING: CPU: 4 PID: 65 at kernel/bpf/cpumap.c:135\n  CPU: 4 PID: 65 Comm: kworker/4:1 Not tainted 6.5.0-rc2+ #1\n  Hardware name: QEMU Standard PC (i440FX + PIIX, 1996)\n  Workqueue: events cpu_map_kthread_stop\n  RIP: 0010:put_cpu_map_entry+0xda/0x220\n  ......\n  Call Trace:\n   \u003cTASK\u003e\n   ? show_regs+0x65/0x70\n   ? __warn+0xa5/0x240\n   ......\n   ? put_cpu_map_entry+0xda/0x220\n   cpu_map_kthread_stop+0x41/0x60\n   process_one_work+0x6b0/0xb80\n   worker_thread+0x96/0x720\n   kthread+0x1a5/0x1f0\n   ret_from_fork+0x3a/0x70\n   ret_from_fork_asm+0x1b/0x30\n   \u003c/TASK\u003e\n\nThe root cause is the same as commit 436901649731 (\"bpf: cpumap: Fix memory\nleak in cpu_map_update_elem\"). The kthread is stopped prematurely by\nkthread_stop() in cpu_map_kthread_stop(), and kthread() doesn't call\ncpu_map_kthread_run() at all but XDP program has already queued some\nframes or skbs into ptr_ring. So when __cpu_map_ring_cleanup() checks\nthe ptr_ring, it will find it was not emptied and report a warning.\n\nAn alternative fix is to use __cpu_map_ring_cleanup() to drop these\npending frames or skbs when kthread_stop() returns -EINTR, but it may\nconfuse the user, because these frames or skbs have been handled\ncorrectly by XDP program. So instead of dropping these frames or skbs,\njust make sure the per-cpu kthread is running before\n__cpu_map_entry_alloc() returns.\n\nAfter apply the fix, the error handle for kthread_stop() will be\nunnecessary because it will always return 0, so just remove it.","modified":"2026-03-20T12:33:14.327382Z","published":"2025-10-04T15:17:16.632Z","related":["SUSE-SU-2025:21040-1","SUSE-SU-2025:21052-1","SUSE-SU-2025:21056-1","SUSE-SU-2025:21064-1","SUSE-SU-2025:4057-1","SUSE-SU-2025:4128-1","SUSE-SU-2025:4132-1","SUSE-SU-2025:4140-1","SUSE-SU-2025:4141-1","SUSE-SU-2025:4301-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53577.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/640a604585aa30f93e39b17d4d6ba69fcb1e66c9"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7a1178a3671b40746830d355836b72e47ceb2490"},{"type":"WEB","url":"https://git.kernel.org/stable/c/b44d28b98f185d2f2348aa3c3636838c316f889e"},{"type":"WEB","url":"https://git.kernel.org/stable/c/ecb45b852af5e88257020b88bea5ff0798d72aca"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53577.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53577"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"6710e1126934d8b4372b4d2f9ae1646cd3f151bf"},{"fixed":"b44d28b98f185d2f2348aa3c3636838c316f889e"},{"fixed":"7a1178a3671b40746830d355836b72e47ceb2490"},{"fixed":"ecb45b852af5e88257020b88bea5ff0798d72aca"},{"fixed":"640a604585aa30f93e39b17d4d6ba69fcb1e66c9"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53577.json"}}],"schema_version":"1.7.5"}