CVE-2023-53055

Published: May 2, 2025

Modified: May 23, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: fscrypt: destroy keyring after security_sb_delete() fscrypt_destroy_keyring() must be called after all potentially-encrypted inodes were evicted; otherwise it cannot safely destroy the keyring. Since inodes that are in-use by the Landlock LSM don't get evicted until security_sb_delete(), this means that fscrypt_destroy_keyring() must be called *after* security_sb_delete(). This fixes a WARN_ON followed by a NULL dereference, only possible if Landlock was being used on encrypted files.

Vendor	Product	Versions
Linux	Linux	affected `e6f4fd85ef1ee6ab356bfbd64df28c1cb73aee7e - < 992a3f3e8a0c92151dfdf65fc85567c865fd558a` affected `d7e7b9af104c7b389a0c21eb26532511bce4b510 - < d77531fac6a1fd9f1db0195438ba5419d72b96c4` affected `d7e7b9af104c7b389a0c21eb26532511bce4b510 - < 497ab5d9c7852dfedab2c9de75e41b60e54b7c5d` affected `d7e7b9af104c7b389a0c21eb26532511bce4b510 - < ccb820dc7d2236b1af0d54ae038a27b5b6d5ae5a` affected `391cceee6d435e616f68631e68f5b32d480b1e67` +4 more versions
Linux	Linux	affected `6.1` unaffected `0 - < 6.1` unaffected `5.15.105 - <= 5.15.` unaffected `6.1.22 - <= 6.1.` unaffected `6.2.9 - <= 6.2.*` +1 more versions

References

https://git.kernel.org/stable/c/992a3f3e8a0c92151dfdf65fc85567c865fd558a

https://git.kernel.org/stable/c/d77531fac6a1fd9f1db0195438ba5419d72b96c4

https://git.kernel.org/stable/c/497ab5d9c7852dfedab2c9de75e41b60e54b7c5d

https://git.kernel.org/stable/c/ccb820dc7d2236b1af0d54ae038a27b5b6d5ae5a

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-53055

Description

Affected Products

References