Memory Freeing Issue in Linux Kernel IB/hfi1 Driver
CVE-2023-53488

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 1 October 2025

What is CVE-2023-53488?

A vulnerability exists in the Linux kernel’s IB/hfi1 driver related to improper memory management during the hotplug removal process. When a hotplug removal occurs, pending update counters may continue to run after the associated memory has been freed, which could lead to unexpected behavior or system panic. To mitigate this issue, it is crucial to cancel the update counters work before memory is deallocated, ensuring system stability and reliability.

Affected Version(s)

Linux 7724105686e718ac476a6ad3304fea2fbcfcffde < 5e72f33ddfdb69cb21c1b59d31bbd3498d31b14a

Linux 7724105686e718ac476a6ad3304fea2fbcfcffde

References

https://git.kernel.org/stable/c/5e72f33ddfdb69cb21c1b59d3...

https://git.kernel.org/stable/c/bfd727ad8411995218f336ead...

https://git.kernel.org/stable/c/c2145b18740c7e697748e4005...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 1, 2025
Vulnerability Reserved
Oct 1, 2025

JSON