PT-2025-40235 · Linux+1 · Linux Kernel+1

Published

2023-06-20

Updated

2025-11-19

CVE-2023-53528

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the RDMA/rxe component of the Linux kernel related to unsafe drain work queue code. Specifically, if the create qp function does not complete successfully, the cleanup code may attempt to drain the send or receive work queues before they have been created, leading to a segmentation fault. The issue is addressed by verifying the existence of the queues before attempting to drain them.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

NULL Pointer Dereference

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476CWE-20

Related Identifiers

BDU:2025-16234

CVE-2023-53528

SUSE-SU-2025:03600-1

SUSE-SU-2025:03634-1

SUSE-SU-2025:20851-1

SUSE-SU-2025:20861-1

SUSE-SU-2025:20870-1

SUSE-SU-2025:20898-1

SUSE-SU-2025:3751-1

SUSE-SU-2025:4057-1

SUSE-SU-2025:4132-1

SUSE-SU-2025:4141-1

Affected Products

Linux Kernel

Suse

PT-2025-40235 · Linux+1 · Linux Kernel+1

CVE-2023-53528

Weakness Enumeration

Related Identifiers

Affected Products

References · 1407