PT-2025-37542 · Linux+7 · Linux Kernel+7

Published

2023-01-01

·

Updated

2026-05-26

·

CVE-2023-53178

CVSS v3.1

4.7

Medium

VectorAV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)
Description The zswap writeback mechanism contains a race condition that can lead to memory corruption. Specifically, a swapped-out page can be swapped in with data written to a different page. This occurs when a page is removed for writeback, a user-space program faults and invalidates the page entry, and another page is stored at the same offset in zswap. The fix involves checking that the local zswap entry reference remains the same during writeback; if it has changed, the writeback is aborted. The issue was originally discovered during testing with the stress tool.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

Time Of Check To Time Of Use

Race Condition

Weakness Enumeration

CWE-367CWE-362

Related Identifiers

ALSA-2025:19931
ALSA-2025:19932
ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_16880
ALSA-2025_18281
ALSA-2025_19102
ALSA-2025_19103
ALSA-2025_19409
ALSA-2025_19931
ALSA-2025_19932
AZL-71162
BDU:2026-06094
CESA-2025_19931
CESA-2025_19932
CVE-2023-53178
INFSA-2025_19931
INFSA-2025_19932
RHSA-2024:9315
RHSA-2024_9315
RHSA-2025:19886
RHSA-2025:19931
RHSA-2025:19932
RHSA-2025:21051
RHSA-2025:21083
RHSA-2025:21091
RHSA-2025:21128
RHSA-2025:21136
RHSA-2025_19931
RHSA-2025_19932
SUSE-SU-2025:03613-1
SUSE-SU-2025:03614-1
SUSE-SU-2025:03615-1
SUSE-SU-2025:03626-1
SUSE-SU-2025:03628-1
SUSE-SU-2025:3716-1
SUSE-SU-2025:3761-1
SUSE-SU-2026:0473-1
SUSE-SU-2026:0474-1
SUSE-SU-2026:0475-1
SUSE-SU-2026:0495-1
SUSE-SU-2026:0496-1
SUSE-SU-2026:0617-1
SUSE-SU-2026:1131-1

Affected Products

Almalinux
Centos
Debian
Linux Kernel
Red Hat
Red Os
Rocky Linux
Suse