UFS Command Management Issue in Linux Kernel
CVE-2023-53387

5.5 MEDIUM

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 18 September 2025

What is CVE-2023-53387?

A flaw in the Linux kernel's UFS error handling flow concerns a device management command (NOP OUT). If the command times out and the attempt to clear the doorbell fails, the function ufshcd_wait_for_dev_cmd() returns without setting the completion structure to NULL. If the device has in fact completed the command, the completion path then acts on that leftover structure and the kernel crashes, leading to a system panic. The issue matters to users who rely on the stability of devices managed by the Linux kernel, particularly for consistent operation under error conditions.
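The following user-space C model is an added example, not code from the kernel or from this advisory. It reproduces the timeout path described above and contrasts it with a variant that resets the pointer on every timeout path. All names are hypothetical, and the model assumes the completion object lives in the waiting function's stack frame.

```c
#include <stddef.h>
#include <stdio.h>

/* Simplified user-space model; every name here is hypothetical, not kernel code. */
struct completion { int live; };            /* live: the waiter's frame still exists */
struct hba_model { struct completion *dev_cmd_complete; };

/* Stand-in for the waiter's stack slot, so the model never reads freed memory. */
static struct completion frame_slot;

/* Timeout path of the wait routine. clear_ok: clearing the doorbell succeeded.
 * hardened: reset the pointer on every timeout path before returning. */
static void wait_timeout(struct hba_model *hba, int clear_ok, int hardened)
{
    frame_slot.live = 1;
    hba->dev_cmd_complete = &frame_slot;    /* published for the completion path */
    /* ... the command times out here ... */
    if (clear_ok || hardened)
        hba->dev_cmd_complete = NULL;       /* nobody may signal after we return */
    /* described bug: clear failed, so the pointer is left in place */
    frame_slot.live = 0;                    /* return: the frame is gone */
}

/* Device completes the command late. Returns 1 if the completion path would
 * signal an object whose frame no longer exists. */
static int late_completion_is_stale(struct hba_model *hba)
{
    struct completion *c = hba->dev_cmd_complete;
    if (c == NULL)
        return 0;                           /* nothing to signal */
    hba->dev_cmd_complete = NULL;
    return !c->live;                        /* in the kernel: complete() on dead stack */
}

static int scenario(int clear_ok, int hardened)
{
    struct hba_model hba = { NULL };
    wait_timeout(&hba, clear_ok, hardened);
    return late_completion_is_stale(&hba);
}

int main(void)
{
    printf("clear ok, original:     %d\n", scenario(1, 0));
    printf("clear failed, original: %d\n", scenario(0, 0));
    printf("clear failed, hardened: %d\n", scenario(0, 1));
    return 0;
}
```

Only the combination of timeout, failed clear and late completion reaches the stale object, which is why the crash shows up during error recovery rather than in normal operation.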

Affected Version(s)

Linux f5c2976e0cb0f6236013bfb479868531b04f61d4

Linux f5c2976e0cb0f6236013bfb479868531b04f61d4 < 3ffd2cd644e0f1eea01339831bac4b1054e8817c

Linux f5c2976e0cb0f6236013bfb479868531b04f61d4 < 36822124f9de200cedc2f42516301b50d386a6cd

CVSS V3.1

Score: 5.5
Severity: MEDIUM
Confidentiality: None
Integrity: None
Availability: None
Attack Vector: Local
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
