CVE-2023-53331 – This vulnerability in the Linux kernel's pstore... (How to Fix)

Q: What is the severity of CVE-2023-53331?

CVE-2023-53331 has a CVSS score of 7.8 (HIGH). This vulnerability in the Linux kernel's pstore/ram subsystem allows a local attacker to cause a kernel panic (system crash) by triggering a write to an improperly initialized persistent RAM buffer. It affects Linux systems using pstore/ram for crash logging. The issue occurs during initialization when empty buffers aren't properly validated.

📋 TL;DR

This vulnerability in the Linux kernel's pstore/ram subsystem allows a local attacker to cause a kernel panic (system crash) by triggering a write to an improperly initialized persistent RAM buffer. It affects Linux systems using pstore/ram for crash logging. The issue occurs during initialization when empty buffers aren't properly validated.

💻 Affected Systems

Products:

Linux kernel

Versions: Specific affected versions not explicitly stated in CVE, but references indicate fixes in stable kernel trees. Likely affects versions before the fix commits.

Operating Systems: Linux distributions using affected kernel versions

Default Config Vulnerable: ✅ No

Notes: Only affects systems using pstore/ram functionality (typically for crash logging). Many systems may not have this enabled by default.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system crash/kernel panic leading to denial of service, potentially causing data loss or service disruption.

🟠

Likely Case

System crash when pstore/ram attempts to write to an invalid buffer location, resulting in denial of service.

🟢

If Mitigated

No impact if the system is patched or doesn't use pstore/ram functionality.

🌐 Internet-Facing: LOW - Requires local access to trigger; not remotely exploitable.

🏢 Internal Only: MEDIUM - Local attackers or malicious processes could crash the system, but requires specific conditions to trigger.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local access and ability to trigger pstore/ram writes. Exploitation depends on specific system configuration and timing.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in kernel commits: 25fb4e3402d46f425ec135ef6f09792a4c1b3003, 89312657337e6e03ad6e9ea1a462bd9c158c85c8, c807ccdd812d18985860504b503899f3140a9549, dc2f60de9a7d3efd982440117dab5579898d808c, e95d7a8a6edd14f8fab44c777dd7281db91f6ae2

Vendor Advisory: https://git.kernel.org/stable/c/25fb4e3402d46f425ec135ef6f09792a4c1b3003

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commits. 2. Check with your distribution for specific patched kernel versions. 3. Reboot system after kernel update.

🔧 Temporary Workarounds

Disable pstore/ram

linux

Disable the vulnerable pstore/ram subsystem if not needed for crash logging.

echo 0 > /sys/module/pstore/parameters/backend
Remove 'pstore' from kernel command line or modules

🧯 If You Can't Patch

Disable pstore/ram functionality if not required
Restrict local user access to prevent malicious users from triggering the vulnerability

🔍 How to Verify

Check if Vulnerable:

Check if pstore is enabled: cat /sys/module/pstore/parameters/backend. Check kernel version against patched versions.

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version includes the fix commits. Check that pstore functionality still works without crashes.

📡 Detection & Monitoring

Log Indicators:

Kernel panic messages
pstore/ram access errors in kernel logs
System crash/reboot events

Network Indicators:

None - local vulnerability only

SIEM Query:

Search for: 'kernel panic', 'pstore', 'ramoops', 'system crash' in system logs

📊 Metadata

CVE ID: CVE-2023-53331

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-787

EPSS Score: 0.01% exploit probability (1th percentile)

Published: September 16, 2025

Last Updated: January 14, 2026

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-53331, you might also want to check these: