Use-After-Free Vulnerability in Linux Kernel's NFS Server
CVE-2023-53025

7.8 HIGH

Key Information:

Vendor: Linux
Status: Vendor
CVE Published: 27 March 2025

Summary

A use-after-free vulnerability exists in the Linux kernel's NFS server component, specifically in the nfsd4_ssc_setup_dul() function. When signal_pending() returns true, schedule_timeout() is not executed, and the waiting task remains in the wait queue instead of being removed. The vulnerability has been addressed by adding a call to finish_wait(), which ensures that the task is removed from the wait queue.

Affected Version(s)

Linux a4bc287943f5695209ff36bdc89f17b48d68fae7 < 6ac4c383c39f8f2f955f868d1ad9365c2363e80b

Linux f4e44b393389c77958f7c58bf4415032b4cda15b < 0a27dcd5343026ac0cb168ee63304255372b7a36

Linux f4e44b393389c77958f7c58bf4415032b4cda15b < 32d5eb95f8f0e362e37c393310b13b9e95404560

CVSS V3.1

Score: 7.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
