Description

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: don't access released socket during error recovery While the error recovery work is temporarily failing reconnect attempts, running the 'nvme list' command causes a kernel NULL pointer dereference by calling getsockname() with a released socket. During error recovery work, the nvme tcp socket is released and a new one created, so it is not safe to access the socket without proper check.

INFO

Published Date :

2025-10-07T15:19:42.374Z

Last Modified :

2025-10-07T15:19:42.374Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2023-53643 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2023-53643.

URL Resource
https://git.kernel.org/stable/c/76d54bf20cdcc1ed7569a89885e09636e9a8d71d cve-icon cve-icon
https://git.kernel.org/stable/c/d82f762db4776fa11de88018f0f5de2d5db72a72 cve-icon cve-icon
https://git.kernel.org/stable/c/fe2d9e54165dadaa0d0cc3355c0be9c3e129fa0d cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025100716-CVE-2023-53643-4725@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2023-53643 cve-icon
https://www.cve.org/CVERecord?id=CVE-2023-53643 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact