-
CVE-2023-53613
- EPSS 0.02%
- Published 04.10.2025 15:44:20
- Last modified 06.10.2025 14:56:21
- Source 416baaa9-dc9f-4396-8d5f-8c081f
- Teams watchlist Login
- Open Login
In the Linux kernel, the following vulnerability has been resolved: dax: Fix dax_mapping_release() use after free A CONFIG_DEBUG_KOBJECT_RELEASE test of removing a device-dax region provider (like modprobe -r dax_hmem) yields: kobject: 'mapping0' (ffff93eb460e8800): kobject_release, parent 0000000000000000 (delayed 2000) [..] DEBUG_LOCKS_WARN_ON(1) WARNING: CPU: 23 PID: 282 at kernel/locking/lockdep.c:232 __lock_acquire+0x9fc/0x2260 [..] RIP: 0010:__lock_acquire+0x9fc/0x2260 [..] Call Trace: <TASK> [..] lock_acquire+0xd4/0x2c0 ? ida_free+0x62/0x130 _raw_spin_lock_irqsave+0x47/0x70 ? ida_free+0x62/0x130 ida_free+0x62/0x130 dax_mapping_release+0x1f/0x30 device_release+0x36/0x90 kobject_delayed_cleanup+0x46/0x150 Due to attempting ida_free() on an ida object that has already been freed. Devices typically only hold a reference on their parent while registered. If a child needs a parent object to complete its release it needs to hold a reference that it drops from its release callback. Arrange for a dax_mapping to pin its parent dev_dax instance until dax_mapping_release().
Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users. Login
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
VendorLinux
≫
Product
Linux
Default Statusunaffected
Version <
94a85474f5e3e518bdbf8c9f51cb343d734a04f7
Version
0b07ce872a9eca1ff88c0eb7f6e92dde127d21ca
Status
affected
Version <
9c2f993b6ca903c030d58451b5bf9ea27d0d17fa
Version
0b07ce872a9eca1ff88c0eb7f6e92dde127d21ca
Status
affected
Version <
03859868ab82d57bfdd0cea1bf31f9319a5dded0
Version
0b07ce872a9eca1ff88c0eb7f6e92dde127d21ca
Status
affected
Version <
f76db6781d76d8464ec2faa9752cc3fb2e4f6923
Version
0b07ce872a9eca1ff88c0eb7f6e92dde127d21ca
Status
affected
Version <
7310b84821f043dcf77d5e6aa0ad55dc1e10a11d
Version
0b07ce872a9eca1ff88c0eb7f6e92dde127d21ca
Status
affected
Version <
6d24b170a9db0456f577b1ab01226a2254c016a8
Version
0b07ce872a9eca1ff88c0eb7f6e92dde127d21ca
Status
affected
VendorLinux
≫
Product
Linux
Default Statusaffected
Version
5.10
Status
affected
Version <
5.10
Version
0
Status
unaffected
Version <=
5.10.*
Version
5.10.188
Status
unaffected
Version <=
5.15.*
Version
5.15.121
Status
unaffected
Version <=
6.1.*
Version
6.1.39
Status
unaffected
Version <=
6.3.*
Version
6.3.13
Status
unaffected
Version <=
6.4.*
Version
6.4.4
Status
unaffected
Version <=
*
Version
6.5
Status
unaffected
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.02% | 0.053 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|