CVE-2023-54269Double Free in Linux

CWE-415Double Free7 documents6 sources
Severity
5.9MEDIUM
No vector
EPSS
0.0%
top 92.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
LinuxLinux KernelDebian Linux
Timeline
PublishedDec 30

Description

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: double free xprt_ctxt while still in use When an RPC request is deferred, the rq_xprt_ctxt pointer is moved out of the svc_rqst into the svc_deferred_req. When the deferred request is revisited, the pointer is copied into the new svc_rqst - and also remains in the svc_deferred_req. In the (rare?) case that the request is deferred a second time, the old svc_deferred_req is reused - it still has all the correct content.

Affected Packages4 packages

Linuxlinux/linux_kernel5.16.06.1.30+2
Debianlinux/linux_kernel< 6.1.37-1+2
CVEListV5linux/linuxf5e13d700a4d40ccde3d36e383f9247dcb3c1d2d7851771789e87108a92697194105ef0c9307dc5e+5
debiandebian/linux< linux 6.1.37-1 (bookworm)

🔴Vulnerability Details

3
OSV
SUNRPC: double free xprt_ctxt while still in use2025-12-30
OSV
CVE-2023-54269: In the Linux kernel, the following vulnerability has been resolved: SUNRPC: double free xprt_ctxt while still in use When an RPC request is deferred,2025-12-30
GHSA
GHSA-cphq-rv4m-x79g: In the Linux kernel, the following vulnerability has been resolved: SUNRPC: double free xprt_ctxt while still in use When an RPC request is deferred2025-12-30

📋Vendor Advisories

2
Red Hat
kernel: SUNRPC: double free xprt_ctxt while still in use2025-12-30
Debian
CVE-2023-54269: linux - In the Linux kernel, the following vulnerability has been resolved: SUNRPC: dou...2023

🕵️Threat Intelligence

1
Wiz
CVE-2023-54269 Impact, Exploitability, and Mitigation Steps | Wiz