CVE-2023-53469: Race Condition in Kernel

CWE-362: Race Condition
6 documents, 5 sources
Severity: 7.1 HIGH (no vector)
EPSS: No EPSS data
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Oct 1; latest update Oct 14

Description

In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix null-ptr-deref in unix_stream_sendpage(). Bing-Jhong Billy Jheng reported null-ptr-deref in unix_stream_sendpage() with detailed analysis and a nice repro. unix_stream_sendpage() tries to add data to the last skb in the peer's recv queue without locking the queue. If the peer's FD is passed to another socket and the socket's FD is passed to the peer, there

Affected Packages: 3 packages

🔴 Vulnerability Details (3)

OSV (2025-10-01): af_unix: Fix null-ptr-deref in unix_stream_sendpage().
OSV (2025-10-01): CVE-2023-53469: In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix null-ptr-deref in unix_stream_sendpage()
GHSA (2025-10-01): GHSA-8r69-gc7h-5h9c: In the Linux kernel, the following vulnerability has been resolved: af_unix: Fix null-ptr-deref in unix_stream_sendpage()

📋 Vendor Advisories (2)

Microsoft (2025-10-14): af_unix: Fix null-ptr-deref in unix_stream_sendpage().
Red Hat (2025-10-01): kernel: af_unix: Fix null-ptr-deref in unix_stream_sendpage()

🕵️ Threat Intelligence (1)

Bleepingcomputer (2025-10-14): Microsoft October 2025 Patch Tuesday fixes 6 zero-days, 172 flaws