CVE-2023-53187 — Use After Free in Linux

CWE-416 — Use After Free6 documents6 sources

Severity

7.8HIGHNVD

EPSS

0.0%

top 97.35%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux +3 more

Timeline

PublishedSep 15

Description

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free of new block group that became unused If a task creates a new block group and that block group becomes unused before we finish its creation, at btrfs_create_pending_block_groups(), then when btrfs_mark_bg_unused() is called against the block group, we assume that the block group is currently in the list of block groups to reclaim, and we move it out of the list of new block groups and into the list of…

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages7 packages

▶NVDlinux/linux_kernel5.15.128 — 5.16+1

▶Debianlinux/linux_kernel< 6.1.52-1+2

▶msrcmsrc/cbl2_kernel_5.15.186.1-1_on_cbl_mariner_2.0

▶msrcmsrc/cbl2_kernel_5.15.200.1-1_on_cbl_mariner_2.0

▶msrcmsrc/cbl2_kernel_5.15.202.1-1_on_cbl_mariner_2.0

Patches

Patch: git.kernel.org ↗Patch: git.kernel.org ↗Patch: git.kernel.org ↗

🔴Vulnerability Details

GHSA

GHSA-4xcf-q92v-qp8c: In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free of new block group that became unused If a task create↗2025-09-15

▶

OSV

CVE-2023-53187: In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free of new block group that became unused If a task creates↗2025-09-15

▶

📋Vendor Advisories

Red Hat

kernel: btrfs: fix use-after-free of new block group that became unused↗2025-09-15

▶

Microsoft

btrfs: fix use-after-free of new block group that became unused↗2025-09-09

▶

Debian

CVE-2023-53187: linux - In the Linux kernel, the following vulnerability has been resolved: btrfs: fix ...↗2023

▶