Use-After-Free Vulnerability in Linux Kernel Affects Socket Management
CVE-2023-53426

7.8HIGH

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
18 September 2025

What is CVE-2023-53426?

A use-after-free vulnerability exists in the Linux kernel's xsk_diag interface, which can be exploited if the socket is accessed after being unbound from the device. This situation may arise when the socket is closed or if the associated network device is removed. The vulnerability was introduced when an older method for indicating an unbound socket was removed, which inadvertently left diagnostic code relying on this method operational. To rectify this, the new implementation introduces checks against the socket's state to prevent operations if the socket is in the XSK_UNBOUND state, thereby enhancing socket cleanup and management.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux ad7219cd8751bd258b9d1e69ae0654ec00f71875 < 5979985f2d6b565b6cf0f79a62670a2855c0e96c

Linux 18b1ab7aa76bde181bdb1ab19a87fa9523c32f21 < 6436973164ea5506a495f39e56be5aea375e7832

Linux 18b1ab7aa76bde181bdb1ab19a87fa9523c32f21 < 595931912357fa3507e522a7f8a0a76e423c23e4

References

https://git.kernel.org/stable/c/5979985f2d6b565b6cf0f79a6...
https://git.kernel.org/stable/c/6436973164ea5506a495f39e5...
https://git.kernel.org/stable/c/595931912357fa3507e522a7f...

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.