{"id":"CVE-2023-53329","summary":"workqueue: fix data race with the pwq-\u003estats[] increment","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nworkqueue: fix data race with the pwq-\u003estats[] increment\n\nKCSAN has discovered a data race in kernel/workqueue.c:2598:\n\n[ 1863.554079] ==================================================================\n[ 1863.554118] BUG: KCSAN: data-race in process_one_work / process_one_work\n\n[ 1863.554142] write to 0xffff963d99d79998 of 8 bytes by task 5394 on cpu 27:\n[ 1863.554154] process_one_work (kernel/workqueue.c:2598)\n[ 1863.554166] worker_thread (./include/linux/list.h:292 kernel/workqueue.c:2752)\n[ 1863.554177] kthread (kernel/kthread.c:389)\n[ 1863.554186] ret_from_fork (arch/x86/kernel/process.c:145)\n[ 1863.554197] ret_from_fork_asm (arch/x86/entry/entry_64.S:312)\n\n[ 1863.554213] read to 0xffff963d99d79998 of 8 bytes by task 5450 on cpu 12:\n[ 1863.554224] process_one_work (kernel/workqueue.c:2598)\n[ 1863.554235] worker_thread (./include/linux/list.h:292 kernel/workqueue.c:2752)\n[ 1863.554247] kthread (kernel/kthread.c:389)\n[ 1863.554255] ret_from_fork (arch/x86/kernel/process.c:145)\n[ 1863.554266] ret_from_fork_asm (arch/x86/entry/entry_64.S:312)\n\n[ 1863.554280] value changed: 0x0000000000001766 -\u003e 0x000000000000176a\n\n[ 1863.554295] Reported by Kernel Concurrency Sanitizer on:\n[ 1863.554303] CPU: 12 PID: 5450 Comm: kworker/u64:1 Tainted: G             L     6.5.0-rc6+ #44\n[ 1863.554314] Hardware name: ASRock X670E PG Lightning/X670E PG Lightning, BIOS 1.21 04/26/2023\n[ 1863.554322] Workqueue: btrfs-endio btrfs_end_bio_work [btrfs]\n[ 1863.554941] ==================================================================\n\n    lockdep_invariant_state(true);\n→   pwq-\u003estats[PWQ_STAT_STARTED]++;\n    trace_workqueue_execute_start(work);\n    worker-\u003ecurrent_func(work);\n\nMoving pwq-\u003estats[PWQ_STAT_STARTED]++; before the line\n\n    raw_spin_unlock_irq(&pool-\u003elock);\n\nresolves the data race without performance penalty.\n\nKCSAN detected at least one additional data race:\n\n[  157.834751] ==================================================================\n[  157.834770] BUG: KCSAN: data-race in process_one_work / process_one_work\n\n[  157.834793] write to 0xffff9934453f77a0 of 8 bytes by task 468 on cpu 29:\n[  157.834804] process_one_work (/home/marvin/linux/kernel/linux_torvalds/kernel/workqueue.c:2606)\n[  157.834815] worker_thread (/home/marvin/linux/kernel/linux_torvalds/./include/linux/list.h:292 /home/marvin/linux/kernel/linux_torvalds/kernel/workqueue.c:2752)\n[  157.834826] kthread (/home/marvin/linux/kernel/linux_torvalds/kernel/kthread.c:389)\n[  157.834834] ret_from_fork (/home/marvin/linux/kernel/linux_torvalds/arch/x86/kernel/process.c:145)\n[  157.834845] ret_from_fork_asm (/home/marvin/linux/kernel/linux_torvalds/arch/x86/entry/entry_64.S:312)\n\n[  157.834859] read to 0xffff9934453f77a0 of 8 bytes by task 214 on cpu 7:\n[  157.834868] process_one_work (/home/marvin/linux/kernel/linux_torvalds/kernel/workqueue.c:2606)\n[  157.834879] worker_thread (/home/marvin/linux/kernel/linux_torvalds/./include/linux/list.h:292 /home/marvin/linux/kernel/linux_torvalds/kernel/workqueue.c:2752)\n[  157.834890] kthread (/home/marvin/linux/kernel/linux_torvalds/kernel/kthread.c:389)\n[  157.834897] ret_from_fork (/home/marvin/linux/kernel/linux_torvalds/arch/x86/kernel/process.c:145)\n[  157.834907] ret_from_fork_asm (/home/marvin/linux/kernel/linux_torvalds/arch/x86/entry/entry_64.S:312)\n\n[  157.834920] value changed: 0x000000000000052a -\u003e 0x0000000000000532\n\n[  157.834933] Reported by Kernel Concurrency Sanitizer on:\n[  157.834941] CPU: 7 PID: 214 Comm: kworker/u64:2 Tainted: G             L     6.5.0-rc7-kcsan-00169-g81eaf55a60fc #4\n[  157.834951] Hardware name: ASRock X670E PG Lightning/X670E PG Lightning, BIOS 1.21 04/26/2023\n[  157.834958] Workqueue: btrfs-endio btrfs_end_bio_work [btrfs]\n[  157.835567] ==================================================================\n\nin code:\n\n        trace_workqueue_execute_end(work, worker-\u003ecurrent_func);\n→       pwq-\u003estats[PWQ_STAT_COM\n---truncated---","modified":"2026-04-02T09:43:59.797551Z","published":"2025-09-16T16:12:05.196Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53329.json","cna_assigner":"Linux"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/ce55024f28589b0012fa2c6b5748ec5a180b7fbe"},{"type":"WEB","url":"https://git.kernel.org/stable/c/fe48ba7daefe75bbbefa2426deddc05f2d530d2d"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53329.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-53329"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"725e8ec59c56c65fb92e343c10a8842cd0d4f194"},{"fixed":"ce55024f28589b0012fa2c6b5748ec5a180b7fbe"},{"fixed":"fe48ba7daefe75bbbefa2426deddc05f2d530d2d"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-53329.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}