CVE-2023-53025

27 Mar 2025

Título es

CVE-2023-53025

Jue, 27/03/2025 – 17:15

Tipo

CWE-416

Gravedad 2.0 Txt

Pendiente de análisis

Título en

CVE-2023-53025

Descripción en

In the Linux kernel, the following vulnerability has been resolved:

NFSD: fix use-after-free in nfsd4_ssc_setup_dul()

If signal_pending() returns true, schedule_timeout() will not be executed,
causing the waiting task to remain in the wait queue.
Fixed by adding a call to finish_wait(), which ensures that the waiting
task will always be removed from the wait queue.

27/03/2025

Vector CVSS:3.1

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Gravedad 3.1 (CVSS 3.1 Base Score)

7.80

Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)

HIGH

Referencias

https://git.kernel.org/stable/c/0a27dcd5343026ac0cb168ee63304255372b7a36

https://git.kernel.org/stable/c/32d5eb95f8f0e362e37c393310b13b9e95404560

https://git.kernel.org/stable/c/6ac4c383c39f8f2f955f868d1ad9365c2363e80b

https://git.kernel.org/stable/c/e6cf91b7b47ff82b624bdfe2fdcde32bb52e71dd

Enviar en el boletín

Off

CVE-2023-53025

CVE-2023-53025

Jose Alexis Correa Valencia