Data Race Vulnerability in Linux Kernel Affecting Network Functionality
CVE-2023-53345

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 17 September 2025

What is CVE-2023-53345?

A data race vulnerability was discovered in the RXRPC implementation of the Linux Kernel. The issue arose within the function 'rxrpc_wait_to_be_connected()', where call state checks were improperly managed. The code accessed 'call->error' without verifying that the call was completed, potentially leading to unexpected behavior during operations. This flaw emphasizes the importance of ensuring state checks before accessing shared variables to maintain network stability and integrity.

Affected Version(s)

Linux 9d35d880e0e4a3ab32d8c12f9e4d76198aadd42d < 3e8ba61a3fe4475a9b5c9fbfc664435c6795d872

Linux 9d35d880e0e4a3ab32d8c12f9e4d76198aadd42d < 454e48a9ff04c5fa1631bb172070fcb6389b97f9

Linux 9d35d880e0e4a3ab32d8c12f9e4d76198aadd42d < 2b5fdc0f5caa505afe34d608e2eefadadf2ee67a

References

https://git.kernel.org/stable/c/3e8ba61a3fe4475a9b5c9fbfc...

https://git.kernel.org/stable/c/454e48a9ff04c5fa1631bb172...

https://git.kernel.org/stable/c/2b5fdc0f5caa505afe34d608e...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 17, 2025
Vulnerability Reserved
Sep 16, 2025