Linux Kernel NFSv4 Copy Structure Vulnerability in Network File System Daemon
CVE-2023-53606

Currently unrated

Key Information:

Vendor

Linux
Status
Linux
Vendor
CVE Published:
4 October 2025

What is CVE-2023-53606?

A vulnerability exists in the Linux Kernel's network file system daemon (nfsd) related to the nfsd4_copy struct handling. This issue arises from improper cleanup of references to nfsd_file instances during asynchronous copy operations. Specifically, the potential for a reference count leak occurs if the kthread_create call fails. In this scenario, both the source and destination file references associated with the nfsd4_copy structure can leak, leading to possible resource management issues. The cleanup in the code path has been identified as confusing, requiring changes to ensure that references from the embedded copy structure are accurately managed before the function returns. This fix is crucial to maintaining system stability and resource integrity.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Linux e0639dc5805a9d4faaa2c07ad98fa853b9529dd3

Linux e0639dc5805a9d4faaa2c07ad98fa853b9529dd3

Linux e0639dc5805a9d4faaa2c07ad98fa853b9529dd3 < 75b8c681c563ef7e85da6862354efc18d2a08b1b

References

https://git.kernel.org/stable/c/fd63299db8090307eae66f2ae...
https://git.kernel.org/stable/c/b3169b6ffe036b549c296a9e7...
https://git.kernel.org/stable/c/75b8c681c563ef7e85da68623...

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.