CVE-2023-52974

7.8 HIGH

📋 TL;DR

A use-after-free vulnerability in the Linux kernel's iSCSI TCP module allows attackers to potentially crash the system or execute arbitrary code. This affects Linux systems using iSCSI storage connections. The vulnerability occurs when session creation fails while userspace is accessing host IP address attributes.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific kernel versions with the vulnerable iSCSI TCP module
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable if iSCSI TCP module is loaded and in use

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case: Kernel panic leading to system crash or potential privilege escalation to kernel-level code execution

🟠 Likely Case: System crash or denial of service affecting iSCSI storage connectivity

🟢 If Mitigated: Limited impact with proper access controls and network segmentation

🌐 Internet-Facing: LOW - iSCSI typically runs on internal storage networks
🏢 Internal Only: MEDIUM - Requires access to iSCSI services on internal networks

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires access to iSCSI services and ability to trigger session creation failures

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions that include commit 0aaabdb900c7 or later

Vendor Advisory: https://git.kernel.org/stable/c/0aaabdb900c7415caa2006ef580322f7eac5f6b6

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version
2. Reboot system
3. Verify iSCSI services are functioning

🔧 Temporary Workarounds

Disable iSCSI TCP module

linux

Unload the vulnerable kernel module if iSCSI is not required

modprobe -r iscsi_tcp

Block iSCSI network access

linux

Restrict access to iSCSI ports (typically TCP 3260)

iptables -A INPUT -p tcp --dport 3260 -j DROP

🧯 If You Can't Patch

  • Implement strict network segmentation for iSCSI storage networks
  • Restrict user access to iSCSI configuration and management interfaces

🔍 How to Verify

Check if Vulnerable:

Check if the iSCSI TCP module is loaded: lsmod | grep '^iscsi_tcp '

Check Version:

uname -r

Verify Fix Applied:

Check that the running kernel version includes the fix commit: run uname -r and verify the result against patched versions
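
The module check above as a script (an added example, not part of the original advisory): a substring match on iscsi_tcp also hits the libiscsi_tcp helper module, so this matches the module name exactly and also reports whether modprobe configuration keeps the module from loading again after modprobe -r. The function names and the default directory list are assumptions of this example.

```shell
#!/bin/sh
# Added example; function names and directory defaults are assumptions.

# iscsi_tcp_state [FILE]: print not-loaded | loaded-idle | loaded-in-use.
# FILE is in /proc/modules format: name size refcount users state address.
iscsi_tcp_state() {
    awk '
        $1 == "iscsi_tcp" { found = 1; refs = $3 }   # exact name, not libiscsi_tcp
        END {
            if (!found)
                print "not-loaded"
            else if (refs + 0 > 0 || refs == "-")    # "-": refcount not reported
                print "loaded-in-use"                # modprobe -r would be refused
            else
                print "loaded-idle"                  # modprobe -r can remove it
        }
    ' "${1:-/proc/modules}"
}

# iscsi_tcp_load_policy [DIR...]: print install-disabled | blacklisted | unrestricted.
# "blacklist" only stops alias-based autoloading; an explicit "modprobe iscsi_tcp"
# still works, so only an "install ... /bin/false" override counts as disabled.
iscsi_tcp_load_policy() {
    [ $# -gt 0 ] || set -- /etc/modprobe.d /run/modprobe.d /lib/modprobe.d
    policy=unrestricted
    for dir in "$@"; do
        for conf in "$dir"/*.conf; do
            [ -f "$conf" ] || continue
            if grep -Eq '^[[:space:]]*install[[:space:]]+iscsi_tcp[[:space:]]+(/usr)?/bin/(false|true)' "$conf"; then
                echo install-disabled
                return 0
            fi
            if grep -Eq '^[[:space:]]*blacklist[[:space:]]+iscsi_tcp([[:space:]]|$)' "$conf"; then
                policy=blacklisted
            fi
        done
    done
    echo "$policy"
}

# Report for the local host when /proc/modules is available.
if [ -r /proc/modules ]; then
    echo "module state: $(iscsi_tcp_state)"
    echo "load policy:  $(iscsi_tcp_load_policy)"
fi
```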

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • iSCSI session creation failures
  • Use-after-free kernel warnings

Network Indicators:

  • Multiple failed iSCSI login attempts
  • Abnormal iSCSI session terminations

SIEM Query:

source="kernel" AND ("panic" OR "use-after-free" OR "iscsi_tcp")
