PT-2025-18816 · Linux+4 · Linux Kernel+4

Published 2023-03-14 · Updated 2026-05-26 · CVE-2023-53052

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 6.2.0-rc7-lku #23

Description

A use-after-free bug has been identified in the Linux kernel, specifically in the refresh_cache_worker() function. The bug occurred because DFS root sessions were being put in cifs_umount() while the DFS cache refresher was running. The issue has been resolved by making DFS root sessions have the same lifetime as DFS tcons, thus avoiding the use-after-free bug in the DFS cache refresher and other places that require IPCs to get new DFS referrals.

Recommendations

For Linux kernel versions prior to 6.2.0-rc7-lku #23, update to a newer version to mitigate the risk of exploitation. As a temporary workaround, consider disabling the refresh_cache_worker() function until a patch is available. Restrict access to the vulnerable cifs module to minimize the risk of exploitation.

Exploit

Fix

DoS

Use After Free

Weakness Enumeration

Related Identifiers

ALSA-2025_16880
BDU:2025-06768
CVE-2023-53052
ECHO-BF82-35E0-B447
RHSA-2024:2394
RHSA-2024_2394
SUSE-SU-2025:01918-1
SUSE-SU-2025:01966-1
SUSE-SU-2025:01982-1
SUSE-SU-2025:01995-1
SUSE-SU-2025:02173-1
SUSE-SU-2025:02262-1
SUSE-SU-2025:2173-1
SUSE-SU-2025_01982-1
SUSE-SU-2025_02173-1
SUSE-SU-2025_02262-1

Affected Products

Astra Linux
Debian
Linux Kernel
Red Hat
Suse