PT-2025-37687 · Linux+3 · Linux Kernel+3

Published: 2025-09-15 · Updated: 2026-04-14 · CVE-2023-53246

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

A flaw exists in the Linux kernel's handling of DFS (Distributed File System) traversal in CIFS (Common Internet File System). When the kernel is compiled without the CONFIG_CIFS_DFS_UPCALL option enabled, a NULL pointer dereference can occur in the VFS follow_automount() function during DFS referral link traversal. This is due to retained logic for mapping CIFS attributes to dentry flags, even when the upcall mechanism is disabled. The issue results in a kernel NULL pointer dereference, potentially leading to system instability.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

DoS

NULL Pointer Dereference

Weakness Enumeration

Related Identifiers

BDU:2026-05880
CVE-2023-53246
RHSA-2024:2394
SUSE-SU-2025:03614-1
SUSE-SU-2025:03615-1
SUSE-SU-2025:03628-1
SUSE-SU-2025:3716-1
SUSE-SU-2025:3761-1

Affected Products

Astra Linux
Linux Kernel
Red Os
Suse