CVE-2023-53751 — Expired Pointer Dereference in Linux

CWE-825 — Expired Pointer Dereference6 documents5 sources

Severity

7.1HIGH

No vector

EPSS

0.0%

top 90.17%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 8

Description

In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential use-after-free bugs in TCP_Server_Info::hostname TCP_Server_Info::hostname may be updated once or many times during reconnect, so protect its access outside reconnect path as well and then prevent any potential use-after-free bugs.

Affected Packages4 packages

▶Linuxlinux/linux_kernel5.0.0 — 6.1.28+2

▶Debianlinux/linux_kernel< 6.1.37-1+2

▶CVEListV5linux/linux93d5cb517db39e8af8d1292f9e785e4983b7f708 — 64d62ac6d6514cba1305bd08e271ec1843bdd612+4

▶debiandebian/linux< linux 6.1.37-1 (bookworm)

🔴Vulnerability Details

GHSA

GHSA-7gp2-6wc7-fw9f: In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential use-after-free bugs in TCP_Server_Info::hostname TCP_Server_↗2025-12-08

▶

OSV

CVE-2023-53751: In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential use-after-free bugs in TCP_Server_Info::hostname TCP_Server_In↗2025-12-08

▶

OSV

cifs: fix potential use-after-free bugs in TCP_Server_Info::hostname↗2025-12-08

▶

📋Vendor Advisories

Red Hat

kernel: Linux kernel (CIFS): Use-after-free vulnerability allows data integrity compromise and denial of service↗2025-12-08

▶

Debian

CVE-2023-53751: linux - In the Linux kernel, the following vulnerability has been resolved: cifs: fix p...↗2023

▶