CIFS Vulnerability in Linux Kernel Affects Multiple Versions
CVE-2023-53246

Currently unrated

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 15 September 2025

What is CVE-2023-53246?

A vulnerability in the CIFS component of the Linux kernel can lead to a NULL pointer dereference when the CONFIG_CIFS_DFS_UPCALL option is disabled. The result is a potential crash during DFS traversal, specifically when handling CIFS_FATTR_DFS_REFERRAL attributes. The flaw is in logic that retains the mapping for these attributes regardless of the configuration option, so traversing a DFS referral link triggers the NULL pointer dereference. The fix introduces an inline handler, giving better control over error handling during these operations.
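
A simplified user-space C model of the flaw described above, added here as an illustration; it is not kernel code or the upstream patch. All names (map_attrs, traverse, stub_automount), the use of a function pointer for the handler, and the -EOPNOTSUPP return value are assumptions.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

#define FATTR_DFS_REFERRAL 0x1u    /* models CIFS_FATTR_DFS_REFERRAL */
#define ENTRY_AUTOMOUNT    0x1u    /* hypothetical "referral link" flag */
#define WOULD_OOPS         (-1000) /* model marker for a call through NULL */

struct entry { unsigned flags; };
typedef int (*automount_fn)(const struct entry *);

/* The mapping runs whether or not DFS support is compiled in. */
static void map_attrs(struct entry *e, unsigned fattr)
{
    if (fattr & FATTR_DFS_REFERRAL)
        e->flags |= ENTRY_AUTOMOUNT;
}

/* Assumed shape of the fix: an inline handler for builds without DFS
 * support that fails the traversal instead of leaving no handler.
 * The error value is an assumption. */
static inline int stub_automount(const struct entry *e)
{
    (void)e;
    return -EOPNOTSUPP;
}

/* Traversal invokes the handler for flagged entries. The model returns
 * WOULD_OOPS where the advisory describes a NULL pointer dereference. */
static int traverse(const struct entry *e, automount_fn handler)
{
    if (!(e->flags & ENTRY_AUTOMOUNT))
        return 0;                  /* ordinary entry, nothing to follow */
    if (handler == NULL)
        return WOULD_OOPS;         /* before the fix: no handler present */
    return handler(e);             /* after the fix: clean error */
}

int main(void)
{
    struct entry link = {0};
    map_attrs(&link, FATTR_DFS_REFERRAL);  /* constructed referral entry */
    printf("before fix: %d\n", traverse(&link, NULL));
    printf("after fix:  %d\n", traverse(&link, stub_automount));
    return 0;
}
```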

Affected Version(s)

Linux 25e195aa1e607f129ab912d29fcfc79239703307 < 26a32a212bc540f4773cd6af8cf73e967d72569c

Linux 25e195aa1e607f129ab912d29fcfc79239703307

Timeline

  • Vulnerability published

  • Vulnerability Reserved
