Use After Free Vulnerability in Linux Kernel's DAX Feature
CVE-2023-53613

Currently unrated

Key Information:

Vendor: Linux

CVE Published: 4 October 2025

What is CVE-2023-53613?

A vulnerability in the Linux kernel's DAX (Direct Access) feature allows for a use-after-free condition. It occurs during the release of a dax_mapping, when the release path attempts to free an IDA object that has already been released, potentially leading to unexpected behavior or crashes. The flaw arises because a child DAX mapping does not hold a reference to its parent dev_dax instance during the cleanup process, so the parent's memory can be accessed after it has been freed. Remediation involves ensuring proper memory management during the release sequence to prevent the misuse of freed memory.
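The lifetime ordering described above, as an added user-space model (not kernel code and not taken from the kernel's fix): a child whose release returns an ID to an allocator owned by its parent, torn down once without and once with a reference pinning the parent. All struct and function names are hypothetical, and pinning the parent until the child's release has finished is the assumption being modelled; the "released" flag replaces a real free so the stale access can be counted safely.

```c
#include <stdbool.h>
#include <stdio.h>

/* User-space model only: all names are hypothetical, not kernel structures. */
struct parent {
    int refs;       /* reference count keeping the parent alive */
    bool released;  /* set when the last reference is dropped */
    unsigned ids;   /* bitmap standing in for the parent's ID allocator */
};
struct child {
    struct parent *parent;
    int id;
    bool pins_parent; /* true: child holds its own reference to the parent */
};
static int stale_accesses; /* release-time touches of a released parent */

static void parent_put(struct parent *p) {
    if (--p->refs == 0) {
        p->ids = 0;
        p->released = true; /* a real kernel object would be freed here */
    }
}
static void child_init(struct child *c, struct parent *p, int id, bool pin) {
    c->parent = p; c->id = id; c->pins_parent = pin;
    p->ids |= 1u << id;
    if (pin) p->refs++;
}
/* Child release: hands its ID back to the allocator owned by the parent. */
static void child_release(struct child *c) {
    struct parent *p = c->parent;
    if (p->released) stale_accesses++;  /* on freed memory: use-after-free */
    else p->ids &= ~(1u << c->id);
    if (c->pins_parent) parent_put(p);  /* drop the pin after the last access */
}
/* Tear down with the child's release running after the owner's final put. */
static int teardown(bool pin) {
    struct parent p = { .refs = 1 };
    struct child c;
    stale_accesses = 0;
    child_init(&c, &p, 0, pin);
    parent_put(&p);
    child_release(&c);
    return stale_accesses;
}
int main(void) {
    printf("no parent reference: %d stale access(es)\n", teardown(false));
    printf("parent pinned:       %d stale access(es)\n", teardown(true));
    return 0;
}
```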

Affected Version(s)

Linux 0b07ce872a9eca1ff88c0eb7f6e92dde127d21ca < 94a85474f5e3e518bdbf8c9f51cb343d734a04f7

Linux 0b07ce872a9eca1ff88c0eb7f6e92dde127d21ca < 9c2f993b6ca903c030d58451b5bf9ea27d0d17fa

Linux 0b07ce872a9eca1ff88c0eb7f6e92dde127d21ca < 03859868ab82d57bfdd0cea1bf31f9319a5dded0

Timeline

  • Vulnerability published

  • Vulnerability Reserved
