CVE-2023-53791

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.5.0-rc2-00121-g01e55c376936-dirty

Description The Linux kernel contains an issue related to a holder mismatch within the export rdev() function in the md (multiple device) subsystem. A warning occurs when claim rdev is used with blkdev get by dev() while rdev is used with blkdev put(). This can happen if mddev->external changes from 0 to 1. The issue is reproducible through a specific test case involving adding and removing devices via sysfs. The test case involves writing to /sys/block/md0/md/new dev and /sys/block/md0/md/dev-${devname}/state. The call trace indicates the issue occurs within the blkdev put() function.

Recommendations Update to Linux kernel version 6.5.0-rc2-00121-g01e55c376936-dirty or later.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2023-53791

RHSA-2024:2394

SUSE-SU-2026:0278-1

SUSE-SU-2026:0281-1

SUSE-SU-2026:0293-1

SUSE-SU-2026:0315-1

SUSE-SU-2026:20477-1

SUSE-SU-2026:20498-1

SUSE-SU-2026:20845-1

SUSE-SU-2026:20876-1

Affected Products

Linux Kernel

Red Hat

CVE-2023-53791

Related Identifiers

Affected Products

References · 1458