CVE-2023-54276: Improper Initialization in Linux

Severity
5.8 MEDIUM
No vector
EPSS
0.0%
top 92.57%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published Dec 30

Description

In the Linux kernel, the following vulnerability has been resolved:

nfsd: move init of percpu reply_cache_stats counters back to nfsd_init_net

Commit f5f9d4a314da ("nfsd: move reply cache initialization into nfsd startup") moved the initialization of the reply cache into nfsd startup, but didn't account for the stats counters, which can be accessed before nfsd is ever started. The result can be a NULL pointer dereference when someone accesses /proc/fs/nfsd/reply_cache_stats while nfsd is still

Affected Packages: 4 packages

Linux | linux/linux_kernel | 6.3.0 | 6.4.4
Debian | linux/linux_kernel | < 6.4.4-1 | +1
CVEListV5 | linux/linux | 4e18b58b106e34ac69d3052dd91f520bd83cf2fc | 3025d489f9c8984d1bf5916c4a20097ed80fca5c | +5
debian | debian/linux | < linux 6.4.4-1 (forky)

🔴 Vulnerability Details

3
OSV
nfsd: move init of percpu reply_cache_stats counters back to nfsd_init_net (2025-12-30)
GHSA
GHSA-4hqq-5h4g-jhph: In the Linux kernel, the following vulnerability has been resolved: nfsd: move init of percpu reply_cache_stats counters back to nfsd_init_net Commi (2025-12-30)
OSV
CVE-2023-54276: In the Linux kernel, the following vulnerability has been resolved: nfsd: move init of percpu reply_cache_stats counters back to nfsd_init_net Commit (2025-12-30)

📋 Vendor Advisories

2
Red Hat
kernel: nfsd: move init of percpu reply_cache_stats counters back to nfsd_init_net (2025-12-30)
Debian
CVE-2023-54276: linux - In the Linux kernel, the following vulnerability has been resolved: nfsd: move ... (2023)

🕵️ Threat Intelligence

1
Wiz
CVE-2023-54276 Impact, Exploitability, and Mitigation Steps | Wiz