{"id":"CVE-2023-53189","summary":"ipv6/addrconf: fix a potential refcount underflow for idev","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nipv6/addrconf: fix a potential refcount underflow for idev\n\nNow in addrconf_mod_rs_timer(), reference idev depends on whether\nrs_timer is not pending. Then modify rs_timer timeout.\n\nThere is a time gap in [1], during which if the pending rs_timer\nbecomes not pending. It will miss to hold idev, but the rs_timer\nis activated. Thus rs_timer callback function addrconf_rs_timer()\nwill be executed and put idev later without holding idev. A refcount\nunderflow issue for idev can be caused by this.\n\n\tif (!timer_pending(&idev-\u003ers_timer))\n\t\tin6_dev_hold(idev);\n\t\t  \u003c--------------[1]\n\tmod_timer(&idev-\u003ers_timer, jiffies + when);\n\nTo fix the issue, hold idev if mod_timer() return 0.","modified":"2026-04-02T09:43:46.314978Z","published":"2025-09-15T14:05:26.685Z","related":["SUSE-SU-2025:03600-1","SUSE-SU-2025:03614-1","SUSE-SU-2025:03615-1","SUSE-SU-2025:03634-1","SUSE-SU-2025:20851-1","SUSE-SU-2025:20861-1","SUSE-SU-2025:20870-1","SUSE-SU-2025:20898-1","SUSE-SU-2025:3751-1","SUSE-SU-2025:3761-1","SUSE-SU-2025:4057-1","SUSE-SU-2025:4132-1","SUSE-SU-2025:4141-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53189.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/06a0716949c22e2aefb648526580671197151acc"},{"type":"WEB","url":"https://git.kernel.org/stable/c/1f656e483eb4733d62f18dfb206a49b78f60f495"},{"type":"WEB","url":"https://git.kernel.org/stable/c/2ad31ce40e8182860b631e37209e93e543790b7c"},{"type":"WEB","url":"https://git.kernel.org/stable/c/436b7cc7eae7851c184b671ed7a4a64c750b86f7"},{"type":"WEB","url":"https://git.kernel.org/stable/c/82abd1c37d3bf2a2658b34772c17a25a6f9cca42"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c6395e32935d35e6f935e7caf1c2dac5a95943b4"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c7eeba47058532f6077d6a658e38b6698f6ae71a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/df62fdcd004afa72ecbed0e862ebb983acd3aa57"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53189.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53189"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"b7b1bfce0bb68bd8f6e62a28295922785cc63781"},{"fixed":"c6395e32935d35e6f935e7caf1c2dac5a95943b4"},{"fixed":"df62fdcd004afa72ecbed0e862ebb983acd3aa57"},{"fixed":"c7eeba47058532f6077d6a658e38b6698f6ae71a"},{"fixed":"2ad31ce40e8182860b631e37209e93e543790b7c"},{"fixed":"82abd1c37d3bf2a2658b34772c17a25a6f9cca42"},{"fixed":"436b7cc7eae7851c184b671ed7a4a64c750b86f7"},{"fixed":"1f656e483eb4733d62f18dfb206a49b78f60f495"},{"fixed":"06a0716949c22e2aefb648526580671197151acc"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"973d5956f754cfc306f5e274d71503498f4b0324"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53189.json"}}],"schema_version":"1.7.5"}