Linux Kernel Vulnerability in Bidirectional Socket-Node Lookups
CVE-2023-53496

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 1 October 2025

What is CVE-2023-53496?

A vulnerability exists in the Linux kernel related to the bidirectional lookup between sockets and NUMA nodes. The issue arises when the number of CPUs configured is smaller than the actual CPUs present. This configuration leads to incomplete mapping information, resulting in improper socket-node tables. When these tables are accessed, it can lead to system errors, as the system may attempt to reference disabled CPUs. The vulnerability highlights the need for a revised methodology in socket-node lookups, urging a shift from using CPU references to directly using APICIDs associated with valid NUMA nodes to prevent system instability.

Affected Version(s)

Linux 8a50c58519271dd24ba760bb282875f6ad66ee71 < 0d01a0c3046d1545391ef7bb1f114743d00e3793

Linux 8a50c58519271dd24ba760bb282875f6ad66ee71 < 5290e88ba2c742ca77c5f5b690e5af549cfd8591

Linux 6.5

References

https://git.kernel.org/stable/c/0d01a0c3046d1545391ef7bb1...

https://git.kernel.org/stable/c/5290e88ba2c742ca77c5f5b69...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 1, 2025
Vulnerability Reserved
Oct 1, 2025

JSON