PT-2025-38440 · Linux+6 · Linux Kernel+6

Published 2023-11-14 · Updated 2026-05-22 · CVE-2023-53421

CVSS v3.1: 5.5 (Medium)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Linux kernel (affected versions not specified)

Description

A flaw exists in the Linux kernel where the blkg_iostat_set structure is not properly re-initialized after being cleared in the blkcg_reset_stats() function. This occurs when blkg_alloc() is called to allocate a blkcg_gq structure. Specifically, the blkg and sync fields within blkg_iostat_set require initialization, which is missed during the clearing process. This can lead to a kernel panic due to a NULL pointer access of the blkg pointer, and potentially to issues with lockdep initialization in debug kernels due to the missing sync initialization.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

NULL Pointer Dereference

Weakness Enumeration

Related Identifiers

ALSA-2025_16880
AZL-71915
BDU:2026-05902
CESA-2023_7077
CVE-2023-53421
ECHO-60CC-C1D9-1B13
RHSA-2023:7077
RHSA-2023_7077
RHSA-2024:1404
RHSA-2024:2394
RHSA-2024:4823
RHSA-2024_2394
SUSE-SU-2025:03600-1
SUSE-SU-2025:03634-1
SUSE-SU-2025:20851-1
SUSE-SU-2025:20861-1
SUSE-SU-2025:20870-1
SUSE-SU-2025:20898-1
SUSE-SU-2025:3751-1
SUSE-SU-2025:4057-1
SUSE-SU-2025:4132-1
SUSE-SU-2025:4141-1
USN-8162-1
USN-8180-1
USN-8180-2
USN-8180-3
USN-8180-4
USN-8180-5
USN-8180-6
USN-8186-1
USN-8187-1
USN-8188-1
USN-8243-1
USN-8275-1
USN-8297-1

Affected Products

CentOS
Debian
Linux Mint
Linux Kernel
Red Hat
SUSE
Ubuntu