CVE-2023-53645Use After Free in Linux

CWE-416Use After Free5 documents5 sources
Severity
7.8HIGHNVD
EPSS
0.0%
top 95.25%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedOct 7

Description

In the Linux kernel, the following vulnerability has been resolved: bpf: Make bpf_refcount_acquire fallible for non-owning refs This patch fixes an incorrect assumption made in the original bpf_refcount series [0], specifically that the BPF program calling bpf_refcount_acquire on some node can always guarantee that the node is alive. In that series, the patch adding failure behavior to rbtree_add and list_push_{front, back} breaks this assumption for non-owning references. Consider the follow

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

NVDlinux/linux_kernel6.46.4.4
Debianlinux/linux_kernel< 6.4.4-1+1
CVEListV5linux/linuxd2dcc67df910dd85253a701b6a5b747f955d28f5d906d1b940b9dbf0a3e821d6b32a51c369273d91+2
debiandebian/linux< linux 6.4.4-1 (forky)

Patches

Patch: git.kernel.orgPatch: git.kernel.org

🔴Vulnerability Details

2
GHSA
GHSA-pw78-hwhh-29v2: In the Linux kernel, the following vulnerability has been resolved: bpf: Make bpf_refcount_acquire fallible for non-owning refs This patch fixes an2025-10-07
OSV
CVE-2023-53645: In the Linux kernel, the following vulnerability has been resolved: bpf: Make bpf_refcount_acquire fallible for non-owning refs This patch fixes an in2025-10-07

📋Vendor Advisories

2
Red Hat
kernel: bpf: Make bpf_refcount_acquire fallible for non-owning refs2025-10-07
Debian
CVE-2023-53645: linux - In the Linux kernel, the following vulnerability has been resolved: bpf: Make b...2023