Home

Description

In the Linux kernel, the following vulnerability has been resolved: ceph: fix potential use-after-free bug when trimming caps When trimming the caps and just after the 'session->s_cap_lock' is released in ceph_iterate_session_caps() the cap maybe removed by another thread, and when using the stale cap memory in the callbacks it will trigger use-after-free crash. We need to check the existence of the cap just after the 'ci->i_ceph_lock' being acquired. And do nothing if it's already removed.

PUBLISHED Reserved 2025-12-09 | Published 2025-12-24 | Updated 2025-12-24 | Assigner Linux

Product status

Default status
unaffected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before 2b2515b8095cf2149bef44383a99d5b5677f1831
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before 448875a73e16ba7d81dec9274ce9d33a12d092fb
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before ae6e935618d99cdba11eab4714092e7e5f13cf7e
affected

1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 (git) before aaf67de78807c59c35bafb5003d4fb457c764800
affected

Default status
affected

6.1.28 (semver)
unaffected

6.2.15 (semver)
unaffected

6.3.2 (semver)
unaffected

6.4 (original_commit_for_fix)
unaffected

References

git.kernel.org/...c/2b2515b8095cf2149bef44383a99d5b5677f1831

git.kernel.org/...c/448875a73e16ba7d81dec9274ce9d33a12d092fb

git.kernel.org/...c/ae6e935618d99cdba11eab4714092e7e5f13cf7e

git.kernel.org/...c/aaf67de78807c59c35bafb5003d4fb457c764800

cve.org (CVE-2023-53867)

nvd.nist.gov (CVE-2023-53867)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.