Unsafe Work Queue Handling in Linux Kernel RDMA Product
CVE-2023-53528

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 1 October 2025

What is CVE-2023-53528?

A vulnerability in the Linux kernel's RDMA subsystem allows potential segmentation faults due to improper handling of work queues. Specifically, if the function create_qp fails to execute fully, the cleanup process may erroneously attempt to drain send or receive work queues that have not been created. This oversight could lead to instability and system crashes. A patch has been implemented to check the existence of these queues before attempting to perform the drain action, enhancing the stability of the kernel in RDMA operations.

Affected Version(s)

Linux 49dc9c1f0c7e396654a31a480328fffd902fa494

Linux 49dc9c1f0c7e396654a31a480328fffd902fa494 < 5993b75d0bc71cd2b441d174b028fc36180f032c

References

https://git.kernel.org/stable/c/da572f6313aeead1f79e08106...

https://git.kernel.org/stable/c/d366642b3099bd322375f5b71...

https://git.kernel.org/stable/c/5993b75d0bc71cd2b441d174b...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 1, 2025
Vulnerability Reserved
Oct 1, 2025

JSON