CVE-2023-53867 | THREATINT

Description

In the Linux kernel, the following vulnerability has been resolved: ceph: fix potential use-after-free bug when trimming caps When trimming the caps and just after the 'session->s_cap_lock' is released in ceph_iterate_session_caps() the cap maybe removed by another thread, and when using the stale cap memory in the callbacks it will trigger use-after-free crash. We need to check the existence of the cap just after the 'ci->i_ceph_lock' being acquired. And do nothing if it's already removed.

PUBLISHED Reserved 2025-12-09 | Published 2025-12-24 | Updated 2026-01-05 | Assigner Linux

Product status

Default status

unaffected

2f2dc053404febedc9c273452d9d518fb31fde72 (git) before 2b2515b8095cf2149bef44383a99d5b5677f1831

affected

2f2dc053404febedc9c273452d9d518fb31fde72 (git) before 448875a73e16ba7d81dec9274ce9d33a12d092fb

affected

2f2dc053404febedc9c273452d9d518fb31fde72 (git) before ae6e935618d99cdba11eab4714092e7e5f13cf7e

affected

2f2dc053404febedc9c273452d9d518fb31fde72 (git) before aaf67de78807c59c35bafb5003d4fb457c764800

affected

Default status

affected

2.6.34

affected

Any version before 2.6.34

unaffected

6.1.28 (semver)

unaffected

6.2.15 (semver)

unaffected

6.3.2 (semver)

unaffected

6.4 (original_commit_for_fix)

unaffected

References

git.kernel.org/...c/2b2515b8095cf2149bef44383a99d5b5677f1831

git.kernel.org/...c/448875a73e16ba7d81dec9274ce9d33a12d092fb

git.kernel.org/...c/ae6e935618d99cdba11eab4714092e7e5f13cf7e

git.kernel.org/...c/aaf67de78807c59c35bafb5003d4fb457c764800

cve.org (CVE-2023-53867)

nvd.nist.gov (CVE-2023-53867)

Download JSON

help @ threatint.eu