PT-2025-49477 · Linux · Linux Kernel

Published

2025-12-08

Updated

2026-02-24

CVE-2023-53747

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The Linux kernel contains a use-after-free issue within the vc screen module. Specifically, a struct vc data pointer in the vcs write() function can be freed by vc port destruct() after a call to console unlock(). Subsequently, accessing this freed memory within the vcs size() function leads to a use-after-free condition. This was reported by Syzkaller, which identified a slab-use-after-free in vcs size(). The issue occurs due to the failure to reload the vc data struct pointer after console lock() within the vcs write() function.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2023-53747

RHSA-2024:9315

SUSE-SU-2026:0263-1

SUSE-SU-2026:0317-1

SUSE-SU-2026:0411-1

SUSE-SU-2026:0473-1

SUSE-SU-2026:0617-1

Affected Products

Linux Kernel

PT-2025-49477 · Linux · Linux Kernel

CVE-2023-53747

Related Identifiers

Affected Products

References · 1184