CVE-2023-53116

7.8 HIGH

📋 TL;DR

This is a use-after-free vulnerability in the Linux kernel's NVMe over Fabrics target subsystem. An attacker could potentially exploit this to cause kernel crashes, privilege escalation, or arbitrary code execution. Systems using NVMe over Fabrics (NVMe-oF) with affected kernel versions are vulnerable.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected versions not explicitly stated in CVE, but patches exist for multiple stable branches (see references).
Operating Systems: Linux distributions using vulnerable kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable if NVMe over Fabrics (nvmet) subsystem is enabled and in use. Not all Linux systems use this feature.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴 Worst Case: Kernel panic leading to system crash, or privilege escalation allowing full system compromise.

🟠 Likely Case: System instability, crashes, or denial of service affecting NVMe-oF storage operations.

🟢 If Mitigated: Limited impact if NVMe-oF is not enabled or properly isolated from untrusted networks.

🌐 Internet-Facing: LOW - NVMe-oF typically operates on internal storage networks, not directly internet-facing.
🏢 Internal Only: MEDIUM - Requires access to NVMe-oF storage network, but could be exploited by malicious insiders or compromised internal systems.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Exploitation requires access to NVMe-oF storage network and ability to trigger specific queue_response operations. No public exploits known at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Multiple stable kernel versions with fixes (see git.kernel.org references in CVE)

Vendor Advisory: https://git.kernel.org/stable/c/6173a77b7e9d3e202bdb9897b23f2a8afe7bf286

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution vendor.
2. Reboot system to load new kernel.
3. Verify kernel version after reboot.

🔧 Temporary Workarounds

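Disable NVMe-oF target subsystem (Linux)

If NVMe over Fabrics is not required, disable the nvmet subsystem to eliminate attack surface.

# Unload the target core; this fails while a module that uses nvmet is still loaded.
modprobe -r nvmet
# A blacklist entry only suppresses alias-based autoloading, not an explicit modprobe.
echo 'blacklist nvmet' >> /etc/modprobe.d/blacklist.conf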

🧯 If You Can't Patch

  • Isolate NVMe-oF storage network from untrusted systems and users.
  • Implement strict access controls and monitoring on NVMe-oF storage infrastructure.

🔍 How to Verify

Check if Vulnerable:

Check whether the nvmet module is loaded:

lsmod | grep nvmet

Then check the kernel version against the patched versions.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version after update matches patched version. Confirm nvmet module loads without issues.
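The workaround and the module check above can be scripted; the following is an added example, not part of the advisory. The function names and the sample `lsmod` output are constructed for illustration, and the check assumes an `install nvmet /bin/false` rule is the way the host blocks loading.

```shell
#!/bin/sh
# Added example (not from the advisory): exposure check for the nvmet target.
# Function names are hypothetical; the lsmod sample below is constructed.

# Reads lsmod-format text on stdin. Prints the modules in the order they have
# to be removed: users of nvmet first, nvmet itself last. Prints nothing when
# nvmet is not loaded.
nvmet_unload_order() {
    awk '
        # Column 4 of lsmod output is the comma-separated "Used by" list.
        $1 == "nvmet" { loaded = 1; n = split($4, users, ",") }
        END {
            if (!loaded) exit
            for (i = 1; i <= n; i++) if (users[i] != "") print users[i]
            print "nvmet"
        }
    '
}

# Reads modprobe.d-format text on stdin. Succeeds only when an install rule
# makes modprobe refuse to load nvmet; a blacklist line alone does not count
# because it only suppresses alias-based autoloading.
nvmet_load_blocked() {
    awk '
        /^[ \t]*#/ { next }
        $1 == "install" && $2 == "nvmet" && $3 == "/bin/false" { ok = 1 }
        END { exit ok ? 0 : 1 }
    '
}

# Constructed sample of lsmod output on a host exporting NVMe/TCP.
sample_lsmod() {
    cat <<'EOF'
Module                  Size  Used by
nvmet_tcp              28672  1
nvmet                 106496  3 nvmet_tcp
configfs               57344  2 nvmet
EOF
}

sample_lsmod | nvmet_unload_order
```

On a live host, feed it `lsmod` and `cat /etc/modprobe.d/*.conf` instead of the sample.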

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic logs
  • OOM killer messages related to nvmet
  • System crashes during NVMe-oF operations

Network Indicators:

  • Unusual NVMe-oF traffic patterns
  • Connection attempts to NVMe-oF ports from unauthorized sources

SIEM Query:

source="kernel" AND ("panic" OR "Oops" OR "BUG") AND "nvmet"
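A kernel crash report spans many lines, so the keyword and `nvmet` often sit on different lines: the header carries `BUG` or `Oops` while the module name only appears in the call trace. The following added example (not from the advisory) groups each report into one event before matching; the log lines are constructed, the function names are hypothetical, and the 80-line cap per report is an assumption.

```shell
#!/bin/sh
# Added example (not from the advisory). Treats a kernel crash report as one
# multi-line event, so a keyword in the header and "nvmet" in the call trace
# are matched together even though they sit on different lines.

# Reads kernel log text on stdin; prints the header line of every crash
# report whose body mentions nvmet.
nvmet_crash_reports() {
    awk '
        function emit() { if (inrep && hit) print head; inrep = 0; hit = 0; n = 0 }
        # The same keywords as the SIEM query open a report.
        !inrep && /panic|Oops|BUG/ { inrep = 1; head = $0 }
        inrep && /nvmet/           { hit = 1 }
        # Close on the end-of-trace marker, or after 80 lines (assumed cap)
        # so later unrelated nvmet messages are not attributed to the report.
        inrep && (/---\[ end trace/ || ++n >= 80) { emit() }
        END { emit() }
    '
}

# Line-by-line reading of the query, for comparison: keyword and nvmet must
# share a single line.
per_line_matches() {
    grep -E 'panic|Oops|BUG' | grep 'nvmet' || true
}

# Constructed kernel log: one crash with nvmet in the trace, one without.
sample_log() {
    cat <<'EOF'
[  101.000001] nvmet: creating nvm controller 1 for subsystem testnqn
[  245.310001] BUG: unable to handle page fault for address: ffff8881deadbeef
[  245.310005] Oops: 0002 [#1] PREEMPT SMP
[  245.310020] Call Trace:
[  245.310024]  nvmet_tcp_io_work+0x5a/0x9d0 [nvmet_tcp]
[  245.310060] ---[ end trace 0000000000000000 ]---
[  300.000000] BUG: kernel NULL pointer dereference, address: 0000000000000010
[  300.000004] Oops: 0000 [#2] PREEMPT SMP
[  300.000011] Call Trace:
[  300.000015]  ext4_readdir+0x1f/0x400
[  300.000040] ---[ end trace 0000000000000000 ]---
EOF
}

sample_log | nvmet_crash_reports
```

On a live host the input would come from `journalctl -k` or `dmesg`; in a SIEM the equivalent is to assemble multi-line kernel events before applying the query.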

🔗 References
