CVE-2023-53795 — Race Condition During Access to Alternate Channel in Linux

CWE-421 — Race Condition During Access to Alternate Channel6 documents5 sources

Severity

5.8MEDIUM

No vector

EPSS

0.0%

top 89.68%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Linux Kernel Debian Linux

Timeline

PublishedDec 9

Description

In the Linux kernel, the following vulnerability has been resolved: iommufd: IOMMUFD_DESTROY should not increase the refcount syzkaller found a race where IOMMUFD_DESTROY increments the refcount: obj = iommufd_get_object(ucmd->ictx, cmd->id, IOMMUFD_OBJ_ANY); if (IS_ERR(obj)) return PTR_ERR(obj); iommufd_ref_to_users(obj); /* See iommufd_ref_to_users() */ if (!iommufd_object_destroy_user(ucmd->ictx, obj)) As part of the sequence to join the two existing primitives together. Allowing the ref…

Affected Packages4 packages

▶Linuxlinux/linux_kernel6.2.0 — 6.4.8

▶Debianlinux/linux_kernel< 6.4.11-1+1

▶CVEListV5linux/linux2ff4bed7fee72ba1abfcff5f11ae8f8e570353f2 — 495b327435b0298e9b3b434f5834d459a93673ce+2

▶debiandebian/linux< linux 6.4.11-1 (forky)

🔴Vulnerability Details

OSV

iommufd: IOMMUFD_DESTROY should not increase the refcount↗2025-12-09

▶

GHSA

GHSA-54v3-2q3m-7783: In the Linux kernel, the following vulnerability has been resolved: iommufd: IOMMUFD_DESTROY should not increase the refcount syzkaller found a race↗2025-12-09

▶

OSV

CVE-2023-53795: In the Linux kernel, the following vulnerability has been resolved: iommufd: IOMMUFD_DESTROY should not increase the refcount syzkaller found a race w↗2025-12-09

▶

📋Vendor Advisories

Red Hat

kernel: iommufd: IOMMUFD_DESTROY should not increase the refcount↗2025-12-09

▶

Debian

CVE-2023-53795: linux - In the Linux kernel, the following vulnerability has been resolved: iommufd: IO...↗2023

▶