CVE-2023-53490
📋 TL;DR
A race condition vulnerability in the Linux kernel's MPTCP implementation allows a NULL pointer dereference when disconnect() or shutdown() operations race with accept() calls. This can cause kernel crashes (denial of service) on systems using MPTCP. All Linux systems with MPTCP enabled are potentially affected.
💻 Affected Systems
- Linux kernel
📦 What is this software?
Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →Linux Kernel by Linux
The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...
Learn more about Linux Kernel →⚠️ Risk & Real-World Impact
Worst Case
Kernel panic leading to system crash and denial of service, potentially requiring physical or remote console access to reboot.
Likely Case
Local denial of service through kernel crash, disrupting all services on the affected system.
If Mitigated
No impact if MPTCP is disabled or the system is patched.
🎯 Exploit Status
Exploitation requires local access and ability to create MPTCP sockets. The vulnerability was discovered through fuzzing/syzkaller.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Kernel versions containing the fix commits: 511b90e39250135a7f900f1c3afbce25543018a2, b2b4c84eb7149f34c0f25f17042d095ba5357d68, ded9f5551ce5cafa3c41c794428c27a0d0a00542
Vendor Advisory: https://git.kernel.org/stable/c/511b90e39250135a7f900f1c3afbce25543018a2
Restart Required: Yes
Instructions:
1. Update Linux kernel to a version containing the fix commits. 2. Reboot the system to load the new kernel. 3. Verify MPTCP functionality if required.
🔧 Temporary Workarounds
Disable MPTCP
linuxDisable Multipath TCP support if not required
echo 'net.mptcp.enabled=0' >> /etc/sysctl.conf
sysctl -p
🧯 If You Can't Patch
- Disable MPTCP via sysctl as temporary mitigation
- Restrict local user access to minimize potential for exploitation
🔍 How to Verify
Check if Vulnerable:
Check kernel version and if MPTCP is enabled: uname -r && sysctl net.mptcp.enabledCheck Version:
uname -rVerify Fix Applied:
Verify kernel version is patched and MPTCP functionality works without crashes📡 Detection & Monitoring
Log Indicators:
- Kernel panic logs
- NULL pointer dereference errors in kernel logs
- System crash/reboot events
Network Indicators:
- Sudden loss of MPTCP connections
SIEM Query:
source="kernel" AND "NULL pointer dereference" AND "mptcp"