PT-2023-8800 · Linux+5 · Linux Kernel+5

Zhang Xiaoxu · Published 2023-09-19 · Updated 2026-05-26 · CVE-2023-52572

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.1.0-rc4+

Description

The issue is related to a use-after-free (UAF) vulnerability in the cifs_demultiplex_thread() function. This vulnerability can be exploited by an attacker to potentially execute arbitrary code. The UAF occurs when mid->resp_buf is freed while still being used by cifs_demultiplex_thread(). The vulnerability can be easily reproduced by adding a delay between steps [3] and [6] in the process. Only synchronous calls are affected, as asynchronous calls have their callbacks executed in the cifsd process.

Recommendations

To resolve the issue, update the Linux kernel to a version that includes the fix for the UAF in cifs_demultiplex_thread(). As a temporary workaround, consider adding an extra state to mark the mid state to READY before waking up the waiter, allowing it to safely get the response.

Exploit

Fix

Weakness Enumeration

Buffer Overflow
Use After Free

Related Identifiers

AZL-54137
BDU:2024-01940
CVE-2023-52572
DLA-4178-1
OESA-2025-1282
OESA-2025-1283
OPENSUSE-SU-2024_1489-1
OPENSUSE-SU-2025_0833-1
OPENSUSE-SU-2025_0835-1
OPENSUSE-SU-2025_0853-1
SUSE-SU-2024:1454-1
SUSE-SU-2024:1465-1
SUSE-SU-2024:1489-1
SUSE-SU-2025:0833-1
SUSE-SU-2025:0833-2
SUSE-SU-2025:0834-1
SUSE-SU-2025:0835-1
SUSE-SU-2025:0853-1
SUSE-SU-2025:0945-1
SUSE-SU-2025_0833-1
SUSE-SU-2025_0833-2
SUSE-SU-2025_0834-1
SUSE-SU-2025_0835-1
USN-7123-1
USN-7194-1
USN-7654-1
USN-7654-2
USN-7654-3
USN-7654-4
USN-7654-5
USN-7655-1
USN-7686-1

Affected Products

Astra Linux
Debian
Linux Mint
Linux Kernel
SUSE
Ubuntu