Linux Kernel Slab-out-of-Bounds Vulnerability in RAID10 Implementation
CVE-2023-53357

7.1HIGH

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
17 September 2025

What is CVE-2023-53357?

A vulnerability in the Linux kernel's RAID10 implementation could allow an attacker to exploit the md_bitmap_get_counter function. When a large value is written to md/bitmap_set_bits, the system may face a slab-out-of-bounds situation due to improper error handling within the md_bitmap_get_counter function. By failing to check if the page exceeds the allocated bitmap pages, the function risks manipulating memory incorrectly, potentially leading to system instabilities and security concerns.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux ef4256733506f2459a0c436b62267d22a3f0cec6 < 374fb914304d9b500721007f3837ea8f1f9a2418

Linux ef4256733506f2459a0c436b62267d22a3f0cec6

Linux ef4256733506f2459a0c436b62267d22a3f0cec6 < 39fa14e824acfd470db4f42c354297456bd82b53

References

https://git.kernel.org/stable/c/374fb914304d9b500721007f3...
https://git.kernel.org/stable/c/b0b971fe7d61411ede63c3291...
https://git.kernel.org/stable/c/39fa14e824acfd470db4f42c3...

CVSS V3.1

Score:
7.1
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.