CVE-2023-53236: Improper Update of Reference Count in Linux

Severity: 5.5 MEDIUM (NVD)
EPSS: 0.0% (top 94.52%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Sep 15

Description

In the Linux kernel, the following vulnerability has been resolved:

iommufd: Do not corrupt the pfn list when doing batch carry

If batch->end is 0 then setting npfns[0] before computing the new value of pfns will fail to adjust the pfn and result in various page accounting corruptions. It should be ordered after.

This seems to result in various kinds of page meta-data corruption related failures:

WARNING: CPU: 1 PID: 527 at mm/gup.c:75 try_grab_folio+0x503/0x740
Modules linked in:
CPU: 1 PID

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.8 | Impact: 3.6

Affected Packages (4 packages)

NVD: linux/linux_kernel 6.26.2.11+1
Debian: linux/linux_kernel < 6.3.7-1+1
CVEListV5: linux/linux f394576eb11dbcd3a740fa41e577b97f0720d26e 6ed5784526ddc0fb58b1798af36ec0c3139a8dca +2
debian: debian/linux < linux 6.3.7-1 (forky)

Patches

Vulnerability Details (2)

GHSA
GHSA-f667-j8ph-5fg3: In the Linux kernel, the following vulnerability has been resolved: iommufd: Do not corrupt the pfn list when doing batch carry If batch->end is 0 t (2025-09-15)
OSV
CVE-2023-53236: In the Linux kernel, the following vulnerability has been resolved: iommufd: Do not corrupt the pfn list when doing batch carry If batch->end is 0 the (2025-09-15)

Vendor Advisories (2)

Red Hat
kernel: iommufd: Do not corrupt the pfn list when doing batch carry (2025-09-15)
Debian
CVE-2023-53236: linux - In the Linux kernel, the following vulnerability has been resolved: iommufd: Do... (2023)