CVE-2023-53608

EPSS 0.02%
Veröffentlicht 04.10.2025 15:44:17
Zuletzt bearbeitet 05.02.2026 16:40:42
Quelle 416baaa9-dc9f-4396-8d5f-8c081f
CVE-Watchlists
Login
Unerledigt
Login

In the Linux kernel, the following vulnerability has been resolved:

nilfs2: fix potential UAF of struct nilfs_sc_info in nilfs_segctor_thread()

The finalization of nilfs_segctor_thread() can race with
nilfs_segctor_kill_thread() which terminates that thread, potentially
causing a use-after-free BUG as KASAN detected.

At the end of nilfs_segctor_thread(), it assigns NULL to "sc_task" member
of "struct nilfs_sc_info" to indicate the thread has finished, and then
notifies nilfs_segctor_kill_thread() of this using waitqueue
"sc_wait_task" on the struct nilfs_sc_info.

However, here, immediately after the NULL assignment to "sc_task", it is
possible that nilfs_segctor_kill_thread() will detect it and return to
continue the deallocation, freeing the nilfs_sc_info structure before the
thread does the notification.

This fixes the issue by protecting the NULL assignment to "sc_task" and
its notification, with spinlock "sc_state_lock" of the struct
nilfs_sc_info.  Since nilfs_segctor_kill_thread() does a final check to
see if "sc_task" is NULL with "sc_state_lock" locked, this can eliminate
the race.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 11

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

Diese Information steht angemeldeten Benutzern zur Verfügung.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Linux ≫ Linux Kernel Version >= 2.6.30 < 4.14.313

Linux ≫ Linux Kernel Version >= 4.15 < 4.19.281

Linux ≫ Linux Kernel Version >= 4.20 < 5.4.241

Linux ≫ Linux Kernel Version >= 5.5 < 5.10.178

Linux ≫ Linux Kernel Version >= 5.11 < 5.15.107

Linux ≫ Linux Kernel Version >= 5.16 < 6.1.24

Linux ≫ Linux Kernel Version >= 6.2 < 6.2.11

Linux ≫ Linux Kernel Version6.3 Updaterc1

Linux ≫ Linux Kernel Version6.3 Updaterc2

Linux ≫ Linux Kernel Version6.3 Updaterc3

Linux ≫ Linux Kernel Version6.3 Updaterc4

Linux ≫ Linux Kernel Version6.3 Updaterc5

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.055

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

https://git.kernel.org/stable/c/034cce77d52ba013ce62b4f5258c29907eb1ada5

Patch

https://git.kernel.org/stable/c/0dbf0e64b91ee8fcb278aea93eb06fc7d56ecbcc

Patch

https://git.kernel.org/stable/c/613bf23c070d11c525268f2945aa594704a9b764

Patch

https://git.kernel.org/stable/c/f32297dba338dc06d62286dedb3cdbd5175b1719

Patch

https://git.kernel.org/stable/c/92684e02654c91a61a0b0561433b710bcece19fe

Patch

https://git.kernel.org/stable/c/bae009a2f1b7c2011d2e92d8c84868d315c0b97e

Patch