PT-2025-49669 · Linux · Linux Kernel

Published

2025-12-09

Updated

2026-01-28

CVE-2023-53809

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.2.0-rc5-00205-gc96618275234 #56

Description The Linux kernel contains a flaw in the l2tp implementation that can lead to a recursive deadlock within the l2tp tunnel register() function. This occurs when a file descriptor of a pppol2tp socket is passed as a file descriptor of a UDP socket. The issue is triggered by a specific program that attempts to connect using this configuration, resulting in a lock dependency warning and a potential system hang. The l2tp tunnel register() function and pppol2tp connect() are involved in the deadlock scenario.

Recommendations Update to a version later than 6.2.0-rc5-00205-gc96618275234 #56.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2023-53809

RHSA-2023:2458

SUSE-SU-2026:0316-1

Affected Products

Linux Kernel

PT-2025-49669 · Linux · Linux Kernel

CVE-2023-53809

Related Identifiers

Affected Products

References · 333