Description

In the Linux kernel, the following vulnerability has been resolved: fscrypt: destroy keyring after security_sb_delete() fscrypt_destroy_keyring() must be called after all potentially-encrypted inodes were evicted; otherwise it cannot safely destroy the keyring. Since inodes that are in-use by the Landlock LSM don't get evicted until security_sb_delete(), this means that fscrypt_destroy_keyring() must be called *after* security_sb_delete(). This fixes a WARN_ON followed by a NULL dereference, only possible if Landlock was being used on encrypted files.

INFO

Published Date :

2025-05-02T15:55:10.138Z

Last Modified :

2025-05-04T12:50:12.748Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2023-53055 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2023-53055.

URL Resource
https://git.kernel.org/stable/c/497ab5d9c7852dfedab2c9de75e41b60e54b7c5d cve-icon cve-icon
https://git.kernel.org/stable/c/992a3f3e8a0c92151dfdf65fc85567c865fd558a cve-icon cve-icon
https://git.kernel.org/stable/c/ccb820dc7d2236b1af0d54ae038a27b5b6d5ae5a cve-icon cve-icon
https://git.kernel.org/stable/c/d77531fac6a1fd9f1db0195438ba5419d72b96c4 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025050207-CVE-2023-53055-afd1@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2023-53055 cve-icon
https://www.cve.org/CVERecord?id=CVE-2023-53055 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact