Null Pointer Dereference in Linux Kernel due to Overlay Filesystem Permission Check
CVE-2023-53260

5.5MEDIUM

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 15 September 2025

What is CVE-2023-53260?

A null pointer dereference vulnerability exists in the overlay filesystem of the Linux kernel, specifically within the permission checking routine. This can occur when a race condition leads to a situation where the required real inode is not correctly retrieved, causing the kernel to dereference a null pointer. Exploitation may lead to system instability or crashes during file permission checks, emphasizing the importance of applying security patches provided by vendors to mitigate potential risks.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux 4b7791b2e95805eaa9568761741d33cf929c930c < 53dd2ca2c02fdcfe3aad2345091d371063f97d17

Linux 4b7791b2e95805eaa9568761741d33cf929c930c < 69f9ae7edf9ec0ff500429101923347fcba5c8c4

Linux 4b7791b2e95805eaa9568761741d33cf929c930c < 1a73f5b8f079fd42a544c1600beface50c63af7c

References

https://git.kernel.org/stable/c/53dd2ca2c02fdcfe3aad23450...

https://git.kernel.org/stable/c/69f9ae7edf9ec0ff500429101...

https://git.kernel.org/stable/c/1a73f5b8f079fd42a544c1600...

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Sep 15, 2025
Vulnerability Reserved
Sep 15, 2025

JSON

Linux

What is CVE-2023-53260?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.