PT-2025-38352 · Linux+6 · Linux Kernel+6

Published: 2023-01-20 · Updated: 2025-11-24 · CVE-2023-53373

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

The Linux kernel contains an issue where the seqiv function does not correctly handle the EBUSY return value when the caller specifies MAY_BACKLOG. This can lead to a use-after-free condition triggered by backlogged requests. The seqiv function is designed to handle the EINPROGRESS return value, but fails to treat EBUSY similarly, resulting in memory being freed prematurely.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Use After Free

Buffer Overflow

Weakness Enumeration

Related Identifiers

ALSA-2025:17760
ALSA-2025:18297
ALSA-2025:18298
ALSA-2025_15008
ALSA-2025_15009
ALSA-2025_15785
ALSA-2025_15786
ALSA-2025_16372
ALSA-2025_16373
ALSA-2025_16880
ALSA-2025_17760
ALSA-2025_18281
ALSA-2025_18297
ALSA-2025_18298
ALSA-2025_19102
ALSA-2025_19103
ALSA-2025_19409
BDU:2026-02517
CESA-2025_18297
CESA-2025_18298
CVE-2023-53373
INFSA-2025_17760
INFSA-2025_18297
INFSA-2025_18298
INFSA-2025_21112
RHSA-2025:17760
RHSA-2025:18297
RHSA-2025:18298
RHSA-2025:19104
RHSA-2025:21051
RHSA-2025:21083
RHSA-2025:21112
RHSA-2025:21128
RHSA-2025_17760
RHSA-2025_18297
RHSA-2025_18298
RHSA-2025_21112
SUSE-SU-2025:03615-1
SUSE-SU-2025:03628-1
SUSE-SU-2025:3716-1
SUSE-SU-2025:3761-1
SUSE-SU-2025:4189-1

Affected Products

Almalinux
Astra Linux
Centos
Linux Kernel
Red Hat
Rocky Linux
Suse