PT-2025-18863 · Linux+3 · Linux Kernel+3

Published: 2023-03-09 · Updated: 2026-03-06 · CVE-2023-53099

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel versions prior to 5.15.36

Description

A vulnerability in the Linux kernel has been resolved, where a sleepable memory allocation was made from an atomic context in the Xilinx firmware. The issue was discovered using lockdep and is related to the clk_core_enable() function. The estimated number of potentially affected devices is not available. There is no information about real-world incidents where this issue was exploited.

Recommendations

For Linux kernel versions prior to 5.15.36, pass the GFP_ATOMIC gfp flag for the corresponding memory allocation to fix the issue. As a temporary workaround, consider disabling the clk_core_enable() function until a patch is available. Restrict access to the vulnerable module to minimize the risk of exploitation. Avoid using the clk_enable() function in the affected API endpoint until the issue is resolved.

Exploit

Fix

Weakness Enumeration

Allocation of Resources Without Limits
Improper Locking

Related Identifiers

BDU:2026-03855
CVE-2023-53099
SUSE-SU-2025:01918-1
SUSE-SU-2025:01966-1
SUSE-SU-2025:02173-1
SUSE-SU-2025:02262-1
SUSE-SU-2025:2173-1
SUSE-SU-2025_02173-1
SUSE-SU-2025_02262-1

Affected Products

Astra Linux
Linux Kernel
Red Os
Suse