CVE-2023-53025

Description

In the Linux kernel, the following vulnerability has been resolved: NFSD: fix use-after-free in nfsd4_ssc_setup_dul() If signal_pending() returns true, schedule_timeout() will not be executed, causing the waiting task to remain in the wait queue. Fixed by adding a call to finish_wait(), which ensures that the waiting task will always be removed from the wait queue.

Reserved 2025-03-27 | Published 2025-03-27 | Updated 2025-05-04 | Assigner Linux

Product status

Default status
unaffected

a4bc287943f5695209ff36bdc89f17b48d68fae7 before 6ac4c383c39f8f2f955f868d1ad9365c2363e80b
affected

f4e44b393389c77958f7c58bf4415032b4cda15b before 0a27dcd5343026ac0cb168ee63304255372b7a36
affected

f4e44b393389c77958f7c58bf4415032b4cda15b before 32d5eb95f8f0e362e37c393310b13b9e95404560
affected

f4e44b393389c77958f7c58bf4415032b4cda15b before e6cf91b7b47ff82b624bdfe2fdcde32bb52e71dd
affected

Default status
affected

5.14
affected

Any version before 5.14
unaffected

5.15.91
unaffected

6.1.9
unaffected

6.2
unaffected

References

git.kernel.org/...c/6ac4c383c39f8f2f955f868d1ad9365c2363e80b

git.kernel.org/...c/0a27dcd5343026ac0cb168ee63304255372b7a36

git.kernel.org/...c/32d5eb95f8f0e362e37c393310b13b9e95404560

git.kernel.org/...c/e6cf91b7b47ff82b624bdfe2fdcde32bb52e71dd

cve.org (CVE-2023-53025)

nvd.nist.gov (CVE-2023-53025)

Download JSON