CVE-2023-53643

Published: Oct 7, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: don't access released socket during error recovery While the error recovery work is temporarily failing reconnect attempts, running the 'nvme list' command causes a kernel NULL pointer dereference by calling getsockname() with a released socket. During error recovery work, the nvme tcp socket is released and a new one created, so it is not safe to access the socket without proper check.

Vendor	Product	Versions
Linux	Linux	affected `02c57a82c0081141abc19150beab48ef47f97f18 - < fe2d9e54165dadaa0d0cc3355c0be9c3e129fa0d` affected `02c57a82c0081141abc19150beab48ef47f97f18 - < d82f762db4776fa11de88018f0f5de2d5db72a72` affected `02c57a82c0081141abc19150beab48ef47f97f18 - < 76d54bf20cdcc1ed7569a89885e09636e9a8d71d`
Linux	Linux	affected `6.1` unaffected `0 - < 6.1` unaffected `6.1.18 - <= 6.1.` unaffected `6.2.5 - <= 6.2.` unaffected `6.3 - <= *`

References

https://git.kernel.org/stable/c/fe2d9e54165dadaa0d0cc3355c0be9c3e129fa0d

https://git.kernel.org/stable/c/d82f762db4776fa11de88018f0f5de2d5db72a72

https://git.kernel.org/stable/c/76d54bf20cdcc1ed7569a89885e09636e9a8d71d

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-53643

Description

Affected Products

References