Description

In the Linux kernel, the following vulnerability has been resolved: ceph: fix potential use-after-free bug when trimming caps When trimming the caps and just after the 'session->s_cap_lock' is released in ceph_iterate_session_caps() the cap maybe removed by another thread, and when using the stale cap memory in the callbacks it will trigger use-after-free crash. We need to check the existence of the cap just after the 'ci->i_ceph_lock' being acquired. And do nothing if it's already removed.

INFO

Published Date :

2025-12-24T10:55:25.430Z

Last Modified :

2026-01-05T10:33:19.509Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2023-53867 vulnerability.

Vendors Products
Linux
  • Linux Kernel
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2023-53867.

URL Resource
https://git.kernel.org/stable/c/2b2515b8095cf2149bef44383a99d5b5677f1831 cve-icon cve-icon
https://git.kernel.org/stable/c/448875a73e16ba7d81dec9274ce9d33a12d092fb cve-icon cve-icon
https://git.kernel.org/stable/c/aaf67de78807c59c35bafb5003d4fb457c764800 cve-icon cve-icon
https://git.kernel.org/stable/c/ae6e935618d99cdba11eab4714092e7e5f13cf7e cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2025122422-CVE-2023-53867-cb3e@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2023-53867 cve-icon
https://www.cve.org/CVERecord?id=CVE-2023-53867 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact