PT-2025-13371 · Linux+4 · Linux Kernel+4

Published

2023-11-07

·

Updated

2025-06-02

·

CVE-2023-53025

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux Kernel (affected versions not specified)
Description A use-after-free issue in the nfsd4 ssc setup dul() function has been identified. This occurs when signal pending() returns true, causing schedule timeout() to not be executed and leaving the waiting task in the wait queue. The issue is resolved by adding a call to finish wait(), ensuring the waiting task is removed from the wait queue.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

BDU:2025-03943
CVE-2023-53025
OPENSUSE-SU-2025_1195-1
RHSA-2023:6583
RHSA-2023_6583
SUSE-SU-2025:1176-1
SUSE-SU-2025:1183-1
SUSE-SU-2025:1195-1
SUSE-SU-2025:1241-1
SUSE-SU-2025_1195-1
SUSE-SU-2025_1241-1

Affected Products

Astra Linux
Linux Kernel
Red Hat
Red Os
Suse