检测

Linux Distros 未修补的漏洞:CVE-2023-53348

medium Nessus 插件 ID 265658

语言:

简介

Linux/Unix 主机上安装的一个或多个程序包存在漏洞,但供应商表示不会修补此漏洞。

描述

Linux/Unix 主机中安装的一个或多个程序包受到一个漏洞影响,而供应商没有提供补丁程序。

 - btrfs修复在使用 scrub 进行重定位期间中止事务时死锁的情况在迁移区块群组暂停 scrub、然后执行重定位、然后取消暂停 scrub。重定位进程需要启动和提交事务如果事务提交路径的关键部分发生故障事务状态 >= TRANS_STATE_COMMIT_START则在暂停的清理时我们将死锁。这会导致类似于如下的堆栈跟踪[42.479] BTRFS 信息设备 sdc重新定位块群组 53876686848 标记元数据|raid6 [42.936] BTRFS 警告设备 sdc跳过提交中止的事务。 [42.936] ------------[ 在此处切换 ]------------ [42.936] BTRFS事务中止错误 -28[42.936] 警告CPU11 PID346822 at fs/btrfs/transaction.c:1977 btrfs_commit_transaction+0xcc8/0xeb0 [btrfs] [42.936] 链接的模块dm_flakey dm_mod 循环 btrfs (...) [42.936] CPU11 PID 346822 Comm
 btrfs TaintedGW 6.3.0-rc2-btrfs-next-127+ #1 [42.936] 硬件名称QEMU Standard PC(i440FX + PIIX,1996)、BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu .org 2014 年 04 月 1 日 [42.936] RIP
 0010btrfs_commit_transaction+0xcc8/0xeb0 [btrfs] [42.936] Code: ff ff 45 8b (...) [42.936] RSP
 0018ffffb58649633b48 EFLAGS00010282 [42.936] RAX: 0000000000000000 RBX: ffff8be6ef4d5bd8 RCX
 0000000000000000 [42.936] RDX: 0000000000000002 RSI: ffffffffb35e7782 RDI: 00000000ffffffff [42.936] RBP
 ffff8be6ef4d5c98 R080000000000000000 R09ffffb586496339e8 [42.936] R100000000000000001 R11
 0000000000000001 R12ffff8be6d38c7c00 [42.936] R1300000000ffffffe4 R14ffff8be6c268c000 R15
 ffff8be6ef4d5cf0 [42.936] FS: 00007f381a82b340(0000) GS:ffff8beddfcc0000(0000) knlGS:0000000000000000 [42.936] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [42.936] CR2: 00007f1e35fb7638 CR3:
 0000000117680006 CR4: 0000000000370ee0 [42.936] DR0: 0000000000000000 DR1: 0000000000000000 DR2:
 0000000000000000 [42.936] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [42.936] 调用跟踪 [42.936] <TASK> [42.936] ? start_transaction+0xcb/0x610 [btrfs] [42.936] prepare_to_relocate+0x111/0x1a0 [btrfs] [42.936] relocate_block_group+0x57/0x5d0 [btrfs] [42.936] ? btrfs_wait_nocow_writers+0x25/0xb0 [btrfs] [42.936] btrfs_relocate_block_group+0x248/0x3c0 [btrfs] [42.936] ? __pfx_autoremove_wake_function+0x10/0x10 [42.936] btrfs_relocate_chunk+0x3b/0x150 [btrfs] [42.936] btrfs_balance+0x8ff/0x11d0 [btrfs] [42.936] ? __kmem_cache_alloc_node+0x14a/0x410 [42.936] btrfs_ioctl+0x2334/0x32c0 [btrfs] [42.937] ? mod_objcg_state+0xd2/0x360 [42.937] ? refill_obj_Stock+0xb0/0x160 [42.937] ? seq_release+0x25/0x30 [42.937] ?
 __rseq_handle_notify_resume+0x3b5/0x4b0 [42.937] ? percpu_counter_add_batch+0x2e/0xa0 [42.937] ?
 __x64_sys_ioctl+0x88/0xc0 [42.937] __x64_sys_ioctl+0x88/0xc0 [42.937] do_syscall_64+0x38/0x90 [42.937] entry_SYSCALL_64_after_hwframe+0x72/0xdc [42.937] RIP: 0033:0x7f381a6ffe9b: Code42.9370x9b [89]4 44 24 (...) [42.937] RSP: 002b:00007ffd45ecf060 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [42.937] RAX
 ffffffffffffffda RBX0000000000000001 RCX: 00007f381a6ffe9b [42.937] RDX: 00007ffd45ecf150 RSI
 00000000c4009420 RDI 0000000000000003 [42.937] RBP 0000000000000003 R080000000000000013 R09
 0000000000000000 [42.937] R1000007f381a60c878 R110000000000000246 R12: 00007ffd45ed0423 [42.937] R13
 00007ffd45ecf150 R14: 00000000000000000 R15: 00007ffd45ecf148 [42.937] </TASK> [42.937] ---[ 结束跟踪 0000000000000000 ]--- [42.937] BTRFScleanup_transaction:1977 中存在错误(设备 sdc状态 A): errno =-28 剩余空间不足 [59.196] INFO任务 btrfs:346772 阻断时间超过 120 秒。 [59.196] 受感染GW 6.3.0-rc2-btrfs-next-127+ #1 [59.196] echo 0 > /proc/sys/kernel/hung_ ---truncated--- (CVE-2023-53348)

请注意,Nessus 依赖供应商报告的程序包是否存在进行判断。

解决方案

目前尚未有任何已知的解决方案。

另见

https://access.redhat.com/security/cve/cve-2023-53348

https://security-tracker.debian.org/tracker/CVE-2023-53348

https://ubuntu.com/security/CVE-2023-53348

插件详情

严重性: Medium

ID: 265658

文件名: unpatched_CVE_2023_53348.nasl

版本: 1.6

类型: local

代理: unix

系列: Misc.

发布时间: 2025/9/20

最近更新时间: 2025/10/28

支持的传感器: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

风险信息

VPR

风险因素: Low

分数: 3.6

漏洞信息

CPE: cpe:/o:debian:debian_linux:11.0, cpe:/o:canonical:ubuntu_linux:20.04:-:lts, cpe:/o:canonical:ubuntu_linux:24.04:-:lts, p-cpe:/a:canonical:ubuntu_linux:linux-aws-hwe, cpe:/o:canonical:ubuntu_linux:14.04:-:lts, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.0, p-cpe:/a:canonical:ubuntu_linux:linux-raspi, p-cpe:/a:centos:centos:python-perf, p-cpe:/a:canonical:ubuntu_linux:linux-oem-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-intel, p-cpe:/a:centos:centos:kernel-rt-devel, p-cpe:/a:canonical:ubuntu_linux:linux-oracle, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.19, p-cpe:/a:centos:centos:kernel-bootwrapper, p-cpe:/a:canonical:ubuntu_linux:linux-intel-iotg-5.15, cpe:/o:canonical:ubuntu_linux:16.04:-:lts, cpe:/o:redhat:enterprise_linux:7, p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-devel, p-cpe:/a:redhat:enterprise_linux:kernel-bootwrapper, p-cpe:/a:canonical:ubuntu_linux:linux-realtime, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.13, p-cpe:/a:redhat:enterprise_linux:python-perf, p-cpe:/a:canonical:ubuntu_linux:linux-raspi2, p-cpe:/a:redhat:enterprise_linux:kernel-abi-whitelists, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.4, p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs-devel, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-6.2, p-cpe:/a:centos:centos:kernel-rt-trace-kvm, p-cpe:/a:redhat:enterprise_linux:kernel-rt-doc, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-6.11, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.8, p-cpe:/a:canonical:ubuntu_linux:linux-nvidia-6.2, p-cpe:/a:redhat:enterprise_linux:kernel-tools-libs, p-cpe:/a:redhat:enterprise_linux:perf, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.0, p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-devel, p-cpe:/a:centos:centos:kernel-headers, p-cpe:/a:redhat:enterprise_linux:bpftool, p-cpe:/a:redhat:enterprise_linux:kernel-rt-kvm, p-cpe:/a:canonical:ubuntu_linux:linux-aws, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.13, p-cpe:/a:centos:centos:kernel-tools-libs-devel, p-cpe:/a:redhat:enterprise_linux:kernel-tools, p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency, p-cpe:/a:canonical:ubuntu_linux:linux-oem, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-riscv-5.8, p-cpe:/a:canonical:ubuntu_linux:linux-ibm, p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.3, p-cpe:/a:redhat:enterprise_linux:kernel-doc, p-cpe:/a:canonical:ubuntu_linux:linux-azure-6.11, p-cpe:/a:centos:centos:kernel-debug-devel, p-cpe:/a:centos:centos:kernel-kdump-devel, p-cpe:/a:centos:centos:kernel-devel, p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug-kvm, p-cpe:/a:canonical:ubuntu_linux:linux-hwe, p-cpe:/a:canonical:ubuntu_linux:linux-kvm, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.8, p-cpe:/a:canonical:ubuntu_linux:linux-nvidia-tegra-igx, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.17, p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-6.2, p-cpe:/a:centos:centos:kernel-rt-doc, p-cpe:/a:redhat:enterprise_linux:kernel, p-cpe:/a:centos:centos:kernel-kdump, p-cpe:/a:canonical:ubuntu_linux:linux-intel-5.13, p-cpe:/a:centos:centos:kernel-rt-debug-kvm, p-cpe:/a:centos:centos:perf, p-cpe:/a:canonical:ubuntu_linux:linux-gke-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-lts-xenial, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.15, p-cpe:/a:centos:centos:bpftool, p-cpe:/a:canonical:ubuntu_linux:linux-azure-edge, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.11, p-cpe:/a:canonical:ubuntu_linux:linux-nvidia-tegra, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-azure-6.5, p-cpe:/a:centos:centos:kernel-rt-debug-devel, p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace-kvm, p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.13, p-cpe:/a:redhat:enterprise_linux:kernel-kdump-devel, p-cpe:/a:redhat:enterprise_linux:kernel-debug, p-cpe:/a:canonical:ubuntu_linux:linux-aws-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.11, p-cpe:/a:canonical:ubuntu_linux:linux-azure-fde, p-cpe:/a:canonical:ubuntu_linux:linux-nvidia-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-azure-4.15, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.11, p-cpe:/a:canonical:ubuntu_linux:linux-starfive-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-oem-6.8, p-cpe:/a:canonical:ubuntu_linux:linux-nvidia-tegra-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-riscv-5.11, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-4.15, p-cpe:/a:centos:centos:kernel, p-cpe:/a:canonical:ubuntu_linux:linux-oem-6.1, p-cpe:/a:centos:centos:kernel-rt-trace-devel, p-cpe:/a:canonical:ubuntu_linux:linux-riscv, p-cpe:/a:redhat:enterprise_linux:kernel-rt-debug, p-cpe:/a:canonical:ubuntu_linux:linux-azure-fde-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.10, p-cpe:/a:redhat:enterprise_linux:kernel-devel, p-cpe:/a:canonical:ubuntu_linux:linux-nvidia, p-cpe:/a:redhat:enterprise_linux:kernel-rt-devel, p-cpe:/a:canonical:ubuntu_linux:linux-raspi-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-starfive-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.13, p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.14, p-cpe:/a:canonical:ubuntu_linux:linux-xilinx-zynqmp, p-cpe:/a:canonical:ubuntu_linux:linux-gcp, p-cpe:/a:centos:centos:kernel-rt-kvm, p-cpe:/a:canonical:ubuntu_linux:linux-azure, p-cpe:/a:debian:debian_linux:linux, p-cpe:/a:centos:centos:kernel-rt, p-cpe:/a:centos:centos:kernel-tools, p-cpe:/a:redhat:enterprise_linux:kernel-kdump, cpe:/o:canonical:ubuntu_linux:22.04:-:lts, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-5.3, p-cpe:/a:centos:centos:kernel-rt-trace, p-cpe:/a:canonical:ubuntu_linux:linux-ibm-5.4, p-cpe:/a:centos:centos:kernel-rt-debug, p-cpe:/a:centos:centos:kernel-doc, p-cpe:/a:canonical:ubuntu_linux:linux-gke-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.3, p-cpe:/a:centos:centos:kernel-tools-libs, p-cpe:/a:canonical:ubuntu_linux:linux-starfive-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-oem-5.6, p-cpe:/a:canonical:ubuntu_linux:linux-riscv-6.5, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.8, cpe:/o:canonical:ubuntu_linux:18.04:-:lts, p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-5.4, p-cpe:/a:centos:centos:kernel-abi-whitelists, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-6.11, p-cpe:/a:redhat:enterprise_linux:kernel-rt-trace, p-cpe:/a:canonical:ubuntu_linux:linux-bluefield, p-cpe:/a:canonical:ubuntu_linux:linux-ibm-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-lowlatency-hwe-6.2, p-cpe:/a:redhat:enterprise_linux:kernel-headers, p-cpe:/a:canonical:ubuntu_linux:linux-allwinner-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.8, p-cpe:/a:canonical:ubuntu_linux:linux-gkeop-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.13, cpe:/o:centos:centos:7, p-cpe:/a:canonical:ubuntu_linux:linux-raspi-realtime, p-cpe:/a:centos:centos:kernel-debug, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-azure-fde-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-gkeop, p-cpe:/a:canonical:ubuntu_linux:linux-intel-iot-realtime, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.11, p-cpe:/a:canonical:ubuntu_linux:linux-oracle-5.3, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-edge, p-cpe:/a:canonical:ubuntu_linux:linux-azure-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-riscv-5.19, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.4, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.13, p-cpe:/a:canonical:ubuntu_linux:linux, p-cpe:/a:canonical:ubuntu_linux:linux-oem-6.11, p-cpe:/a:canonical:ubuntu_linux:linux-riscv-5.15, p-cpe:/a:canonical:ubuntu_linux:linux-iot, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.11, p-cpe:/a:canonical:ubuntu_linux:linux-intel-iotg, p-cpe:/a:redhat:enterprise_linux:kernel-debug-devel, p-cpe:/a:canonical:ubuntu_linux:linux-gke-4.15, p-cpe:/a:canonical:ubuntu_linux:linux-aws-5.8, p-cpe:/a:redhat:enterprise_linux:kernel-rt, p-cpe:/a:canonical:ubuntu_linux:linux-oem-6.0, p-cpe:/a:canonical:ubuntu_linux:linux-azure-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-gcp-6.11, p-cpe:/a:canonical:ubuntu_linux:linux-aws-6.2, p-cpe:/a:canonical:ubuntu_linux:linux-gke, p-cpe:/a:canonical:ubuntu_linux:linux-hwe-5.19

必需的 KB 项: Host/local_checks_enabled, Host/cpu, global_settings/vendor_unpatched, Host/OS/identifier

易利用性: No known exploits are available

漏洞发布日期: 2025/9/17

参考资料信息

CVE: CVE-2023-53348