PT-2025-49654 · Linux+1 · Linux Kernel+1

Published: 2023-06-28 · Updated: 2026-05-26 · CVE-2023-53794

CVSS v2.0: 6.0 (Medium)

Vector: AV:L/AC:H/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified)

Description: A flaw exists in the Linux kernel's CIFS implementation related to session state handling during reconnection attempts. Specifically, the issue involves not properly releasing exiting sessions in the smb2_reconnect_server() function, potentially leading to a use-after-free condition. The vulnerability occurs because exiting sessions are not immediately removed from the server's session list, and can be accessed after they have been released.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Buffer Overflow

Use After Free

Weakness Enumeration

Related Identifiers

BDU:2026-01273
CVE-2023-53794
OESA-2026-1275
SUSE-SU-2026:0263-1
SUSE-SU-2026:0278-1
SUSE-SU-2026:0281-1
SUSE-SU-2026:0293-1
SUSE-SU-2026:0315-1
SUSE-SU-2026:0317-1
SUSE-SU-2026:0411-1
SUSE-SU-2026:0617-1
SUSE-SU-2026:0928-1
SUSE-SU-2026:0961-1
SUSE-SU-2026:1078-1
SUSE-SU-2026:1221-1
SUSE-SU-2026:1285-1
SUSE-SU-2026:1287-1
SUSE-SU-2026:1288-1
SUSE-SU-2026:1293-1
SUSE-SU-2026:1294-1
SUSE-SU-2026:1297-1
SUSE-SU-2026:1298-1
SUSE-SU-2026:1304-1
SUSE-SU-2026:1305-1
SUSE-SU-2026:20477-1
SUSE-SU-2026:20498-1
SUSE-SU-2026:20845-1
SUSE-SU-2026:20876-1

Affected Products

Debian
Linux Kernel