Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2023-53655
CVE-2023-53655:
Linux Kernel vulnerability analysis and mitigation
Overview
In the Linux kernel, a vulnerability has been identified where registering a kprobe on __rcu_irq_enter_check_tick() can cause kernel stack overflow. This issue was assigned CVE-2023-53655 and was discovered in October 2025 (NVD).
Technical details
The vulnerability can be reproduced by enabling CONFIG_NO_HZ_FULL and booting the kernel with argument "nohz_full=", followed by specific commands at the shell prompt involving kprobe_events. The issue manifests as a kernel stack overflow when __rcu_irq_enter_check_tick() is probed, leading to insufficient stack space to handle exceptions (NVD).
Impact
When exploited, this vulnerability results in a kernel panic due to stack overflow, which can cause system instability and denial of service. The issue specifically affects the kernel's ability to handle exceptions properly when certain debugging features are enabled (NVD).
Mitigation and workarounds
The issue has been resolved by adding __rcu_irq_enter_check_tick() to the kprobes blacklist using NOKPROBE_SYMBOL(). This prevents the problematic probing that leads to the stack overflow condition (NVD).
Additional resources
Source: This report was generated using AI
Related Linux Kernel vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management