CVE-2023-53867

Published: Dec 24, 2025

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: ceph: fix potential use-after-free bug when trimming caps When trimming the caps and just after the 'session->s_cap_lock' is released in ceph_iterate_session_caps() the cap maybe removed by another thread, and when using the stale cap memory in the callbacks it will trigger use-after-free crash. We need to check the existence of the cap just after the 'ci->i_ceph_lock' being acquired. And do nothing if it's already removed.

Vendor	Product	Versions
Linux	Linux	affected `2f2dc053404febedc9c273452d9d518fb31fde72 - < 2b2515b8095cf2149bef44383a99d5b5677f1831` affected `2f2dc053404febedc9c273452d9d518fb31fde72 - < 448875a73e16ba7d81dec9274ce9d33a12d092fb` affected `2f2dc053404febedc9c273452d9d518fb31fde72 - < ae6e935618d99cdba11eab4714092e7e5f13cf7e` affected `2f2dc053404febedc9c273452d9d518fb31fde72 - < aaf67de78807c59c35bafb5003d4fb457c764800`
Linux	Linux	affected `2.6.34` unaffected `0 - < 2.6.34` unaffected `6.1.28 - <= 6.1.` unaffected `6.2.15 - <= 6.2.` unaffected `6.3.2 - <= 6.3.*` +1 more versions

References

https://git.kernel.org/stable/c/2b2515b8095cf2149bef44383a99d5b5677f1831

https://git.kernel.org/stable/c/448875a73e16ba7d81dec9274ce9d33a12d092fb

https://git.kernel.org/stable/c/ae6e935618d99cdba11eab4714092e7e5f13cf7e

https://git.kernel.org/stable/c/aaf67de78807c59c35bafb5003d4fb457c764800

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2023-53867

Description

Affected Products

References