2 matches found
CVE-2023-53839
A data race vulnerability was found in the DCCP Datagram Congestion Control Protocol implementation in the Linux kernel. The dp-dccpsmsscache variable is read in dccpsendmsg and dodccpgetsockopt without holding the socket lock, while it can be concurrently modified by other threads. This can lead...
CVE-2023-53839 dccp: fix data-race around dp->dccps_mss_cache
In the Linux kernel, the following vulnerability has been resolved: dccp: fix data-race around dp-dccpsmsscache dccpsendmsg reads dp-dccpsmsscache before locking the socket. Same thing in dodccpgetsockopt. Add READONCE/WRITEONCE annotations, and change dccpsendmsg to check again dccpsmsscache aft...