Use After Free Vulnerability in Linux Kernel's Virtual Console Driver
CVE-2023-53747
Currently unrated
What is CVE-2023-53747?
The Linux kernel's virtual console driver contains a use-after-free (UAF) vulnerability. The struct vc_data pointer can be freed by vc_port_destruct() after the console is unlocked in vcs_write(). Subsequent calls to vcs_size() could then access the freed memory, leading to unpredictable behavior or system crashes. The issue was identified with the Syzkaller fuzzer and warrants prompt attention to maintain system integrity.
Affected Version(s)
Linux ac751efa6a0d70f2c9daef5c7e3a92270f5c2dff < 934de9a9b659785fed3e820bc0c813a460c71fea
Linux ac751efa6a0d70f2c9daef5c7e3a92270f5c2dff < 0deff678157333d775af190f84696336cdcccd6d
Linux ac751efa6a0d70f2c9daef5c7e3a92270f5c2dff