Login Sign Up

CVE-2023-53023

7.8 HIGH
Denial of Service

📋 TL;DR

A use-after-free vulnerability in the Linux kernel's NFC subsystem allows double-freeing of memory when detaching NFC devices while terminating the NFC daemon. This can lead to kernel crashes, denial of service, or potential privilege escalation. Systems using NFC functionality with affected kernel versions are vulnerable.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Kernel versions before the fix commits (specific versions vary by distribution)
Operating Systems: Linux distributions with affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects systems with NFC functionality enabled and in use. Requires CONFIG_NFC_LLCP=y in kernel configuration.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel panic leading to system crash, potential privilege escalation if combined with other vulnerabilities, or remote code execution in specific configurations.

🟠

Likely Case

Kernel crash or denial of service when NFC devices are detached while the NFC daemon is terminating.

🟢

If Mitigated

Minor system instability or crash limited to NFC functionality if proper kernel hardening is in place.

🌐 Internet-Facing: LOW - Requires local access to NFC subsystem and specific timing conditions.
🏢 Internal Only: MEDIUM - Requires local access but could be triggered by normal NFC device management operations.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires local access and specific timing conditions (detaching NFC device while killing NFC daemon). Found by modified syzkaller fuzzer.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions with commits 4bb4db7f3187c6e3de6b229ffc87cdb30a2d22b6 or later

Vendor Advisory: https://git.kernel.org/stable/c/4bb4db7f3187c6e3de6b229ffc87cdb30a2d22b6

Restart Required: No

Instructions:

1. Update Linux kernel to version containing the fix commit. 2. For distributions: Use package manager to update kernel package. 3. For custom kernels: Apply patch from kernel git repository and rebuild.

🔧 Temporary Workarounds

Disable NFC functionality

all

Disable NFC kernel module to prevent exploitation

modprobe -r nfc
echo 'blacklist nfc' >> /etc/modprobe.d/blacklist.conf

Stop NFC daemon

systemd

Stop neard or other NFC daemons to reduce attack surface

systemctl stop neard
systemctl disable neard

🧯 If You Can't Patch

  • Disable NFC hardware and kernel modules
  • Implement strict access controls to prevent unauthorized NFC device management

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if NFC modules are loaded: 'uname -r' and 'lsmod | grep nfc'

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes fix commit or is newer than vulnerable versions

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic logs
  • KASAN use-after-free reports in dmesg
  • NFC daemon crash logs

Network Indicators:

  • Unusual NFC device disconnection patterns

SIEM Query:

source="kernel" AND ("KASAN: use-after-free" OR "BUG: KASAN" OR "local_cleanup")

📊 Metadata

CVE ID: CVE-2023-53023
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-416
EPSS Score: 0.03% exploit probability (8.4th percentile)
Published: March 27, 2025
Last Updated: April 1, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-53023, you might also want to check these:

CVE-2025-24085 10.0

This CVE describes a use-after-free vulnerability (CWE-416) in Apple operating systems that allows m...

Same vulnerability type (CWE-416)
CVE-2024-43102 10.0

This CVE describes a use-after-free vulnerability in FreeBSD's umtx (user mutex) subsystem where con...

Same vulnerability type (CWE-416)
CVE-2021-33796 10.0

CVE-2021-33796 is a use-after-free vulnerability in MuJS's regexp source property access that can le...

Same vulnerability type (CWE-416)