Vulnerability Database

324,382

Total vulnerabilities in the database

CVE-2023-53620

In the Linux kernel, the following vulnerability has been resolved:

md: fix soft lockup in status_resync

status_resync() will calculate 'curr_resync - recovery_active' to show user a progress bar like following:

[============>........] resync = 61.4%

'curr_resync' and 'recovery_active' is updated in md_do_sync(), and status_resync() can read them concurrently, hence it's possible that 'curr_resync - recovery_active' can overflow to a huge number. In this case status_resync() will be stuck in the loop to print a large amount of '=', which will end up soft lockup.

Fix the problem by setting 'resync' to MD_RESYNC_ACTIVE in this case, this way resync in progress will be reported to user.

  • Published: Oct 7, 2025
  • Updated: Feb 6, 2026
  • CVE: CVE-2023-53620
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.5
  • AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWEs: