Login Sign Up

CVE-2023-53484

7.8 HIGH
Denial of Service

📋 TL;DR

This CVE describes a use-after-free vulnerability in the Linux kernel's CPU affinity notification mechanism. When specific functions are called with NULL parameters, memory is freed but pointers remain in an array, potentially allowing attackers to execute arbitrary code or crash the system. All Linux systems using affected kernel versions are vulnerable.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Specific affected versions not specified in CVE description; check kernel commit history for exact ranges
Operating Systems: Linux distributions using affected kernel versions
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in lib/cpu_rmap.c; requires specific sequence of function calls to trigger

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

Learn more about Linux Kernel →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Kernel memory corruption leading to arbitrary code execution with kernel privileges, system crashes, or privilege escalation.

🟠

Likely Case

Kernel panic or system crash causing denial of service.

🟢

If Mitigated

No impact if patched or if the vulnerable code path isn't triggered.

🌐 Internet-Facing: LOW - Requires local access or ability to trigger specific kernel functions.
🏢 Internal Only: MEDIUM - Local users or processes could potentially exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Requires specific sequence: irq_set_affinity_notifier(irq, NULL) followed by free_irq_cpu_rmap(); original description states no current code exercises this flow

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions with commits 4e0473f1060aa49621d40a113afde24818101d37 or related fixes

Vendor Advisory: https://git.kernel.org/stable/c/4e0473f1060aa49621d40a113afde24818101d37

Restart Required: Yes

Instructions:

1. Update Linux kernel to patched version from your distribution's repositories. 2. Reboot system to load new kernel.

🔧 Temporary Workarounds

Avoid triggering vulnerable code path

linux

Prevent calls to irq_set_affinity_notifier() with NULL notify parameter followed by free_irq_cpu_rmap()

🧯 If You Can't Patch

  • Restrict local user access to systems
  • Monitor for kernel panic/crash events and investigate root causes

🔍 How to Verify

Check if Vulnerable:

Check kernel version and compare with distribution's security advisories; examine if kernel includes vulnerable cpu_rmap code

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version is updated to include the fix commits; check /proc/version or uname -r

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • System crash/reboot events
  • OOM killer activity

Network Indicators:

  • None - local vulnerability

SIEM Query:

source="kernel" AND ("panic" OR "Oops" OR "BUG")

📊 Metadata

CVE ID: CVE-2023-53484
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE: CWE-416
EPSS Score: 0.02% exploit probability (5.6th percentile)
Published: October 1, 2025
Last Updated: January 20, 2026

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-53484, you might also want to check these:

CVE-2025-24085 10.0

This CVE describes a use-after-free vulnerability (CWE-416) in Apple operating systems that allows m...

Same vulnerability type (CWE-416)
CVE-2024-43102 10.0

This CVE describes a use-after-free vulnerability in FreeBSD's umtx (user mutex) subsystem where con...

Same vulnerability type (CWE-416)
CVE-2021-33796 10.0

CVE-2021-33796 is a use-after-free vulnerability in MuJS's regexp source property access that can le...

Same vulnerability type (CWE-416)