Linux Kernel CIFS Vulnerability in Data Handling
CVE-2023-53593

Currently unrated

Key Information:

Vendor: Linux
Status: Linux
Vendor: CVE Published:; 4 October 2025

What is CVE-2023-53593?

A vulnerability exists in the Linux kernel's CIFS module that leads to improper handling of file locks during read operations. Specifically, when the function cifs_readpage_worker is executed, it fails to unlock the page lock under certain conditions, causing a lock leak when using fscache. This behavior results in a potential deadlock that can only be resolved with a system reboot. As the function does not free the folio lock after a cache hit, subsequent reads could lead to performance degradation and system stability issues.

Affected Version(s)

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 5a87735675147f848445f05fd1f06168188f91af

Linux 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 < 4259dd534245579c966c53c15187cc8e9461d6e9

References

https://git.kernel.org/stable/c/c3ac8323f2f5b50e32681c254...

https://git.kernel.org/stable/c/5a87735675147f848445f05fd...

https://git.kernel.org/stable/c/4259dd534245579c966c53c15...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 4, 2025
Vulnerability Reserved
Oct 4, 2025

JSON