Linux Kernel Vulnerability Affecting System Stability
CVE-2023-53292

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 16 September 2025

What is CVE-2023-53292?

A vulnerability in the Linux Kernel has been identified that involves a possible NULL dereference when accessing the elevator associated with the blk-mq subsystem. This issue arises when the system's elevator is switched, resulting in a scenario where the elevator pointer may unexpectedly become NULL. The vulnerability is mitigated by implementing a check on the q->elevator after acquiring the sysfs_lock, ensuring the system remains stable and operational.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 3e977386521b71471e66ec2ba82efdfcc456adf2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 245165658e1c9f95c0fecfe02b9b1ebd30a1198a

Linux 6.4.7 <= 6.4.*

References

https://git.kernel.org/stable/c/3e977386521b71471e66ec2ba...

https://git.kernel.org/stable/c/245165658e1c9f95c0fecfe02...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 16, 2025
Vulnerability Reserved
Sep 16, 2025