CVE-2023-53987

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description A flaw exists in the Linux kernel related to a potential NULL dereference within the /proc/net/icmp interface when using ping sockets. The issue arose after a commit (dbca1596bbb0) transitioned ping sockets to utilize RCU lookups, but the spinlock was not correctly maintained for /proc/net/icmp, leading to the potential for a NULL dereference. The fix reverts to using a spinlock for /proc/net/icmp.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.