CVE-2023-53606: Improper Update of Reference Count in Linux

Severity: 5.5 MEDIUM (NVD)
EPSS: 0.0% (top 96.97%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Oct 4

Description

In the Linux kernel, the following vulnerability has been resolved:

nfsd: clean up potential nfsd_file refcount leaks in COPY codepath

There are two different flavors of the nfsd4_copy struct. One is embedded in the compound and is used directly in synchronous copies. The other is dynamically allocated, refcounted and tracked in the client structure. For the embedded one, the cleanup just involves releasing any nfsd_files held on its behalf. For the async one, the cleanup is a bit more involved

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Exploitability: 1.8 | Impact: 3.6

Affected Packages (4 packages)

NVD | linux/linux_kernel | 4.20 | 5.10.220 | +3
Debian | linux/linux_kernel | < 5.10.221-1 | +3
CVEListV5 | linux/linux | e0639dc5805a9d4faaa2c07ad98fa853b9529dd3 | fd63299db8090307eae66f2aef17c8f00aafa0a9 | +5
debian | debian/linux | < linux 6.1.20-1 (bookworm)

Patches

Vulnerability Details (2)

GHSA | GHSA-vqjq-cm24-xjp3: In the Linux kernel, the following vulnerability has been resolved: nfsd: clean up potential nfsd_file refcount leaks in COPY codepath There are two | 2025-10-04
OSV | CVE-2023-53606: In the Linux kernel, the following vulnerability has been resolved: nfsd: clean up potential nfsd_file refcount leaks in COPY codepath There are two d | 2025-10-04

Vendor Advisories (2)

Red Hat | kernel: nfsd: clean up potential nfsd_file refcount leaks in COPY codepath | 2025-10-04
Debian | CVE-2023-53606: linux - In the Linux kernel, the following vulnerability has been resolved: nfsd: clean... | 2023