Linux Kernel Vulnerability in SCTP Stream Management
CVE-2023-53590

Currently unrated

Key Information:

Vendor: Linux

Status
Vendor
CVE Published: 4 October 2025

What is CVE-2023-53590?

A vulnerability in the Linux kernel's SCTP (Stream Control Transmission Protocol) stream management may lead to excessive resource consumption because of nested loops that run while managing stream priorities. The issue arises from the lack of reference counting in 'sctp_stream_priorities', which can result in performance degradation or a potential system hang. The fix adds a reference count to 'sctp_stream_priorities', so that freeing a stream's priority no longer requires traversing all streams. This reduces the chance of a soft lockup, which can significantly impact CPU performance and system stability.
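The following user-space model is an added illustration, not kernel code and not part of the original advisory. It counts how many stream slots are inspected when every stream's priority is freed, first by scanning all streams and then with a per-priority reference count; `prio_head`, `free_sid_scan`, `free_sid_refcnt` and `free_all` are hypothetical names.

```c
#include <stdlib.h>

/* Simplified user-space model with assumed names; not the kernel's code. */
struct prio_head { int users; };            /* users = streams sharing this priority */
struct stream { struct prio_head *head; };
struct result { long steps; long released; };

/* No refcount: scan every stream to learn whether the head is still shared. */
static void free_sid_scan(struct stream *s, size_t n, size_t sid, struct result *r)
{
    struct prio_head *h = s[sid].head;
    s[sid].head = NULL;
    for (size_t i = 0; i < n; i++) {
        r->steps++;
        if (s[i].head == h)
            return;                         /* another stream still uses it */
    }
    r->released++;                          /* last user gone: head can be freed */
}

/* With a refcount: the head tracks its own users, so no scan is needed. */
static void free_sid_refcnt(struct stream *s, size_t sid, struct result *r)
{
    struct prio_head *h = s[sid].head;
    s[sid].head = NULL;
    r->steps++;
    if (--h->users == 0)
        r->released++;
}

/* Build n streams with `share` streams per priority head, free them all,
 * and report slots inspected and heads released (steps == -1 on error). */
struct result free_all(size_t n, size_t share, int use_refcnt)
{
    struct result r = { 0, 0 };
    struct stream *s = calloc(n, sizeof(*s));
    struct prio_head *heads = calloc(n, sizeof(*heads));
    if (!s || !heads || share == 0) {
        free(s); free(heads); r.steps = -1;
        return r;
    }
    for (size_t i = 0; i < n; i++)
        (s[i].head = &heads[i / share])->users++;
    for (size_t i = 0; i < n; i++)
        if (use_refcnt) free_sid_refcnt(s, i, &r);
        else            free_sid_scan(s, n, i, &r);
    free(s); free(heads);
    return r;
}
```

With one priority per stream, the scanning variant inspects n × n slots while the reference-counted variant inspects n, and both release the same number of heads.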

Affected Version(s)

Linux a7555681e50bdebed2c40ff7404ee73c2e932993

Linux 176ee6c673ccd118e9392fd2dbb165423bdb99ca < 8ee401f89cdb10f39098c0656d695b2bc4052100

Linux 0dfb9a566327182387c90100ea54d8426cee8c67

Timeline

  • Vulnerability published

  • Vulnerability Reserved