Use-After-Free Vulnerability in Linux Kernel PCI Subsystem
CVE-2023-53363

7.8 HIGH

Key Information:

Vendor: Linux

CVE Published: 17 September 2025

What is CVE-2023-53363?

A use-after-free vulnerability has been identified in the PCI subsystem of the Linux kernel. The flaw occurs in the bus removal cleanup path: the function pci_bus_release_domain_nr() accesses memory that has already been deallocated. The issue emerged after recent code modifications and has been linked to improper management of memory during device deregistration. Correctly ordering the function calls in the teardown process is critical to preventing it. The bug underlines the importance of careful memory management in kernel development, because access to freed memory can become an exploitation vector.

Affected Version(s)

Linux f8b6bd6c04d4dfc4c200e6fa306e61e3b42ec5fc < 52b0343c7d628f37b38e3279ba585526b850ad3b

Linux db273126bf548a2dc611372e8f6a817b2b16b563

Linux ead4d69b3ef047b0f670511d81e9ced7ac876b44

CVSS V3.1

Score: 7.8
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
