PT-2025-37665 · Ext4+4

Published 2023-01-27 · Updated 2025-09-29 · CVE-2023-53224

CVSS v2.0: 6.0 (Medium)

Vector: AV:L/AC:H/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: The Linux kernel contains a function prototype mismatch in the ext4 module. Specifically, ext4_feat_ktype set its "release" handler to kfree, which has an incompatible function prototype. When kernel control flow integrity (kCFI), a mitigation against return-oriented programming (ROP) attacks, is enabled, this mismatch can lead to a kernel panic or thread termination. The issue was identified using Clang's -Wcast-function-type-strict flag and occurs during module unloading when ext4 is loaded as a module.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
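The mismatch in the description can be modelled in userspace C. This is an added example, not code from the kernel or from this advisory: `struct kobject`, `struct kobj_type`, `kfree_model`, `feat_release` and `kobject_put_model` are simplified stand-ins, and the typed wrapper is shown as one way to make the handler's prototype match the indirect call site.

```c
#include <stdio.h>
#include <stdlib.h>

/* Userspace stand-ins (assumptions), not kernel definitions. */
struct kobject { int refcount; };
struct kobj_type { void (*release)(struct kobject *kobj); };

static int freed_count; /* lets a caller observe that release ran */

/* Stand-in for kfree(): takes const void *, not struct kobject *. */
static void kfree_model(const void *p) { free((void *)p); freed_count++; }

/* Typed wrapper (hypothetical name): same prototype as .release. */
static void feat_release(struct kobject *kobj) { kfree_model(kobj); }

/* Before: the cast silences the compiler, but the target's real type still
 * differs from the call site's, which is what kCFI checks at the call. */
static const struct kobj_type ktype_before = {
    .release = (void (*)(struct kobject *))kfree_model,
};

/* After: no cast needed. */
static const struct kobj_type ktype_after = { .release = feat_release };

/* Compile-time check: 1 only if fn has exactly the release prototype. */
#define IS_RELEASE_FN(fn) \
    _Generic(&(fn), void (*)(struct kobject *): 1, default: 0)

/* Model of dropping a reference: the last put makes the indirect call. */
static int kobject_put_model(struct kobject *kobj, const struct kobj_type *kt)
{
    if (--kobj->refcount > 0)
        return 0;
    kt->release(kobj);
    return 1;
}

int main(void)
{
    struct kobject *k = malloc(sizeof(*k));
    if (!k) return 1;
    k->refcount = 1;
    printf("kfree_model matches release prototype: %d\n", IS_RELEASE_FN(kfree_model));
    printf("feat_release matches release prototype: %d\n", IS_RELEASE_FN(feat_release));
    printf("cast-installed handler present: %d\n", ktype_before.release != NULL);
    printf("released: %d\n", kobject_put_model(k, &ktype_after));
    return 0;
}
```

Building the "before" initializer with Clang's -Wcast-function-type-strict flags the cast; the "after" initializer compiles without one.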

Exploit

Memory Leak

Weakness Enumeration

Related Identifiers

ALSA-2025_16880
BDU:2026-06000
CESA-2024_3138
CVE-2023-53224
RHSA-2023:6583
RHSA-2023_6583
RHSA-2024:3138
RHSA-2024_3138

Affected Products

Astra Linux
CentOS
Linux Kernel
Red Hat
Ext4