{"id":"AZL-76641","summary":"CVE-2023-53620 affecting package kernel 5.15.200.1-1","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nmd: fix soft lockup in status_resync\n\nstatus_resync() will calculate 'curr_resync - recovery_active' to show\nuser a progress bar like following:\n\n[============\u003e........]  resync = 61.4%\n\n'curr_resync' and 'recovery_active' is updated in md_do_sync(), and\nstatus_resync() can read them concurrently, hence it's possible that\n'curr_resync - recovery_active' can overflow to a huge number. In this\ncase status_resync() will be stuck in the loop to print a large amount\nof '=', which will end up soft lockup.\n\nFix the problem by setting 'resync' to MD_RESYNC_ACTIVE in this case,\nthis way resync in progress will be reported to user.","modified":"2026-04-21T04:39:05.270498Z","published":"2025-10-07T16:15:44Z","upstream":["CVE-2023-53620"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53620"}],"affected":[{"package":{"name":"kernel","ecosystem":"Azure Linux:2","purl":"pkg:rpm/azure-linux/kernel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"last_affected":"5.15.200.1-1"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-76641.json"}}],"schema_version":"1.7.5"}