CVE-2023-53623Race Condition in Linux

CWE-362Race ConditionCWE-413Improper Resource Locking6 documents6 sources
Severity
4.7MEDIUMNVD
EPSS
0.0%
top 97.61%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedOct 7
Latest updateApr 20

Description

In the Linux kernel, the following vulnerability has been resolved: mm/swap: fix swap_info_struct race between swapoff and get_swap_pages() The si->lock must be held when deleting the si from the available list. Otherwise, another thread can re-add the si to the available list, which can lead to memory corruption. The only place we have found where this happens is in the swapoff path. This case can be described as below: core 0 core 1 swapoff del_from_avail_list(si) waiting try lock si->loc

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.0 | Impact: 3.6

Affected Packages4 packages

NVDlinux/linux_kernel4.144.14.313+7
Debianlinux/linux_kernel< 5.10.178-1+3
CVEListV5linux/linuxa2468cc9bfdff6139f59ca896671e5819ff5f94a111a79d9b92f0a679fe300ccd3119ae9741f3d54+8
debiandebian/linux< linux 6.1.25-1 (bookworm)

Patches

Patch: git.kernel.orgPatch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

3
VulDB
Linux Kernel up to 6.2.10 lib/plist.c get_swap_pages swap_info[] memory corruption (Nessus ID 284758 / WID-SEC-2025-2229)2026-04-20
OSV
CVE-2023-53623: In the Linux kernel, the following vulnerability has been resolved: mm/swap: fix swap_info_struct race between swapoff and get_swap_pages() The si->lo2025-10-07
GHSA
GHSA-2qcj-hqq8-v6f6: In the Linux kernel, the following vulnerability has been resolved: mm/swap: fix swap_info_struct race between swapoff and get_swap_pages() The si->2025-10-07

📋Vendor Advisories

2
Red Hat
kernel: mm/swap: fix swap_info_struct race between swapoff and get_swap_pages()2025-10-07
Debian
CVE-2023-53623: linux - In the Linux kernel, the following vulnerability has been resolved: mm/swap: fi...2023