BPF Socket Handling Vulnerability in Linux Kernel
CVE-2023-53585
What is CVE-2023-53585?
A vulnerability in the Linux kernel's BPF socket handling can lead to refcount leaks. The bpf_sk_assign function fails to manage socket references correctly for unhashed UDP sockets. These sockets are created without the SOCK_RCU_FREE flag set, which allows incorrect reference counting. A particular sequence of socket operations can therefore mishandle the socket's lifecycle and violate the expected refcounting. The issue has been fixed by updating bpf_sk_assign to reject unhashed sockets, matching the behavior of the __inet_lookup_skb function.
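The refcount imbalance described above, reduced to a user-space C model. This is an added example, not kernel code or the upstream patch. The names sock_model, model_sk_assign, model_sk_hash, model_sk_consume and leaked_refs are hypothetical, and the model assumes the flag is set at the moment the socket is hashed.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>

struct sock_model {
    int  refcnt;
    bool hashed;    /* socket is in the protocol's lookup table */
    bool rcu_free;  /* stands in for SOCK_RCU_FREE */
};

/* Model of the assign path (not kernel code): a ref is taken only if the flag is clear. */
static int model_sk_assign(struct sock_model *sk, bool reject_unhashed)
{
    if (reject_unhashed && !sk->hashed)
        return -EOPNOTSUPP;  /* fixed behaviour: refuse the socket */
    if (!sk->rcu_free)
        sk->refcnt++;
    return 0;
}

/* Assumption of the model: hashing the UDP socket sets the flag. */
static void model_sk_hash(struct sock_model *sk)
{
    sk->hashed = true;
    sk->rcu_free = true;
}

/* Consume path: re-reads the flag to decide whether a put is owed. */
static void model_sk_consume(struct sock_model *sk)
{
    if (!sk->rcu_free)
        sk->refcnt--;
}

/* References left over after assign -> hash -> consume. */
static int leaked_refs(bool reject_unhashed)
{
    struct sock_model sk = { .refcnt = 1, .hashed = false, .rcu_free = false };
    int rc = model_sk_assign(&sk, reject_unhashed);
    model_sk_hash(&sk);      /* flag flips between the two checks */
    if (rc == 0)
        model_sk_consume(&sk);
    return sk.refcnt - 1;
}

int main(void)
{
    printf("unpatched: %d leaked, patched: %d leaked\n", leaked_refs(false), leaked_refs(true));
}
```

The leak comes from the two paths reading the same flag at different times; rejecting unhashed sockets removes the only case in the model where the flag can change between them.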
Affected Version(s)
Linux cf7fbe660f2dbd738ab58aea8e9b0ca6ad232449 < 791a12102e5191dcb6ce0b3a99d71b5a2802d12a
Linux cf7fbe660f2dbd738ab58aea8e9b0ca6ad232449 < 7dcbc0bb0e5cc1823923744befce59ac353135e6
Linux cf7fbe660f2dbd738ab58aea8e9b0ca6ad232449