Login Sign Up

CVE-2023-53140

5.5 MEDIUM
Denial of Service

📋 TL;DR

This CVE describes a race condition in the Linux kernel's SCSI subsystem where the /proc/scsi directory isn't properly cleaned up during module unloading. This can cause kernel warnings and potential system instability when SCSI modules are reloaded. It affects Linux systems using SCSI modules like scsi_debug.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Kernel versions from 2009 (commit 77c019768f06) to patched versions
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ✅ No
Notes: Only affects systems using SCSI modules that create /proc/scsi entries, particularly when modules are unloaded and reloaded.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

System crash or kernel panic due to double registration of proc entries, leading to denial of service.

🟠

Likely Case

Kernel warning messages in system logs and potential failure to reload SCSI modules properly.

🟢

If Mitigated

Minor system instability requiring module reload or system restart.

🌐 Internet-Facing: LOW - Requires local access and specific SCSI module operations.
🏢 Internal Only: MEDIUM - Could affect systems where SCSI modules are frequently reloaded by administrators or automated processes.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local access and ability to load/unload kernel modules. This is a race condition bug rather than a traditional security vulnerability.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions with commits 13daafe1e209b03e9bda16ff2bd2b2da145a139b or later

Vendor Advisory: https://git.kernel.org/stable/c/13daafe1e209b03e9bda16ff2bd2b2da145a139b

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution vendor. 2. Reboot system to load new kernel.

🔧 Temporary Workarounds

Avoid SCSI module reloading

linux

Prevent unloading and reloading of SCSI kernel modules that create /proc/scsi entries

🧯 If You Can't Patch

  • Monitor system logs for 'proc_dir_entry already registered' warnings
  • Avoid unloading SCSI modules that create /proc/scsi entries

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if SCSI modules are being reloaded. Look for 'proc_dir_entry already registered' warnings in dmesg.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes the fix commit. Test by unloading and reloading scsi_debug module (if available).

📡 Detection & Monitoring

Log Indicators:

  • Kernel warning: 'proc_dir_entry already registered'
  • WARNING at fs/proc/generic.c:376 proc_register

SIEM Query:

source="kernel" AND "proc_dir_entry" AND "already registered"

📊 Metadata

CVE ID: CVE-2023-53140
CVSS v3 Score: 5.5 (MEDIUM)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
CWE: CWE-401
EPSS Score: 0.03% exploit probability (9.6th percentile)
Published: May 2, 2025
Last Updated: November 10, 2025

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-53140, you might also want to check these:

CVE-2021-40633 8.8

CVE-2021-40633 is a memory leak vulnerability in gif2rgb, a utility in giflib 5.1.4, allowing remote...

Same vulnerability type (CWE-401)
CVE-2021-3492 8.8

CVE-2021-3492 is a kernel vulnerability in Ubuntu's Shiftfs filesystem where improper error handling...

Same vulnerability type (CWE-401)
CVE-2024-25450 8.8

CVE-2024-25450 is a memory allocation vulnerability in imlib2 v1.9.1's init_imlib_fonts() function t...

Same vulnerability type (CWE-401)