Login Sign Up

CVE-2023-52757

7.8 HIGH

📋 TL;DR

This CVE describes a potential deadlock vulnerability in the Linux kernel's SMB client implementation. When releasing message IDs (mids) during SMB operations, improper spinlock ordering could cause system deadlocks, leading to denial of service. This affects Linux systems using the kernel's SMB client functionality.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected kernel versions not specified in CVE; check git commits for exact ranges
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems using the kernel's SMB client functionality; SMB server functionality is not affected.

📦 What is this software?

Debian Linux by Debian

View all CVEs affecting Debian Linux →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system deadlock requiring hard reboot, causing extended service disruption and potential data loss from interrupted operations.

🟠

Likely Case

Local denial of service affecting SMB client functionality, potentially causing application failures or system instability.

🟢

If Mitigated

Minimal impact with proper kernel updates; systems with updated kernels experience no deadlock.

🌐 Internet-Facing: LOW - Requires local access or SMB client interaction; not directly exploitable over internet.
🏢 Internal Only: MEDIUM - Internal users or processes triggering SMB operations could cause deadlocks affecting system stability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires triggering specific SMB client operations; race condition makes timing difficult.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing fixes from git commits: 99f476e27aad5964ab13777d84fda67d1356dec1, 9eb44db68c5b7f5aa22b8fc7de74a3e2e08d1f29, b9bb9607b1fc12fca51f5632da25b36975f599bf, c1a5962f1462b64fe7b69f20a4b6af8067bc2d26, ce49569079a9d4cad26c0f1d4653382fd9a5ca7a

Vendor Advisory: https://git.kernel.org/stable/c/

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution's repositories. 2. Reboot system to load new kernel. 3. Verify kernel version matches patched release.

🔧 Temporary Workarounds

Disable SMB client functionality

linux

Prevent use of kernel SMB client to avoid triggering deadlock

# Consider disabling cifs/smb modules if not needed
# modprobe -r cifs
# echo 'blacklist cifs' >> /etc/modprobe.d/blacklist.conf

🧯 If You Can't Patch

  • Monitor system for deadlock symptoms and restart affected services
  • Limit SMB client usage to trusted internal networks only

🔍 How to Verify

Check if Vulnerable:

Check kernel version against distribution security advisories; examine if SMB client operations cause deadlocks under load

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes the git commit fixes; test SMB client operations under stress

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic logs
  • System hang/freeze events
  • SMB client timeout errors in system logs

Network Indicators:

  • SMB protocol timeouts from client systems
  • Unresponsive SMB client connections

SIEM Query:

source="kernel" AND ("deadlock" OR "panic" OR "hung task") AND process="cifs"

📊 Metadata

CVE ID: CVE-2023-52757
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-416
Published: May 21, 2024
Last Updated: November 25, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-52757, you might also want to check these:

CVE-2025-24085 10.0

This CVE describes a use-after-free vulnerability (CWE-416) in Apple operating systems that allows m...

Same vulnerability type (CWE-416)
CVE-2024-43102 10.0

This CVE describes a use-after-free vulnerability in FreeBSD's umtx (user mutex) subsystem where con...

Same vulnerability type (CWE-416)
CVE-2021-33796 10.0

CVE-2021-33796 is a use-after-free vulnerability in MuJS's regexp source property access that can le...

Same vulnerability type (CWE-416)