CVE-2023-53525

5.5 MEDIUM

📋 TL;DR

CVE-2023-53525 is an uninitialized-memory vulnerability in the Linux kernel's RDMA/CMA subsystem. Joining a multicast group with a non-UD queue pair type causes the kernel to access uninitialized memory, potentially leading to information disclosure or kernel crashes. Systems using RDMA (Remote Direct Memory Access) with multicast capabilities are affected.

💻 Affected Systems

Products:
  • Linux kernel
Versions: Kernel versions before the fix commits (specific versions vary by distribution)
Operating Systems: Linux distributions with RDMA support
Default Config Vulnerable: ✅ No
Notes: Only vulnerable when RDMA is enabled and multicast operations are performed with non-UD queue pair types.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...


⚠️ Risk & Real-World Impact

🔴 Worst Case: Kernel panic leading to system crash, or information disclosure of kernel memory contents which could contain sensitive data.

🟠 Likely Case: System instability or crashes when RDMA multicast operations are attempted with non-UD queue pair types.

🟢 If Mitigated: No impact if RDMA multicast is not used or if systems are patched.

🌐 Internet-Facing: LOW - RDMA typically requires specialized hardware and is not commonly exposed to the internet.
🏢 Internal Only: MEDIUM - RDMA is used in high-performance computing and data center environments where this could cause service disruption.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: NO
Unauthenticated Exploit: ✅ No
Complexity: HIGH

Exploitation requires RDMA access and specific multicast operations. The vulnerability was discovered through code analysis and fuzzing.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Kernel versions containing commits 02eabb635bc64bd1e3a7cf887d6d182bffb64b99 or later

Vendor Advisory: https://git.kernel.org/stable/c/02eabb635bc64bd1e3a7cf887d6d182bffb64b99

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commit.
2. For distributions: Use package manager (apt/yum/dnf) to update kernel package.
3. Reboot system to load new kernel.

🔧 Temporary Workarounds

Disable RDMA multicast

linux

Prevent use of RDMA multicast functionality which triggers the vulnerability

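# 'blacklist' only stops alias-based autoloading; an explicit modprobe or a dependent module can still load rdma_cm
echo 'blacklist rdma_cm' >> /etc/modprobe.d/blacklist.conf
# Unload the module now; this fails while other modules or open handles still use it
modprobe -r rdma_cm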

Restrict RDMA access

linux

Limit RDMA operations to trusted users and applications

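# Restrict all RDMA device nodes to root (mode changes on device nodes do not persist across reboots by themselves)
chmod 600 /dev/infiniband/*
# 'trusted_user' is a placeholder; substitute the account that needs RDMA CM access
setfacl -m u:trusted_user:rw /dev/infiniband/rdma_cm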

🧯 If You Can't Patch

  • Disable RDMA functionality entirely if not required
  • Implement strict access controls to prevent unauthorized RDMA operations

🔍 How to Verify

Check if Vulnerable:

Check kernel version and if RDMA modules are loaded: 'uname -r' and 'lsmod | grep rdma'

Check Version:

uname -r

Verify Fix Applied:

Verify kernel version contains fix commit: 'uname -r' and check distribution patch notes

📡 Detection & Monitoring

Log Indicators:

  • Kernel panic messages
  • KMSAN error reports in dmesg
  • RDMA join multicast failures

Network Indicators:

  • Unexpected RDMA multicast traffic patterns
  • RDMA connection failures

SIEM Query:

source="kernel" AND ("KMSAN" OR "uninit-value" OR "cma_make_mc_event")
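
The SIEM query above fires on any one of three strings, so it also matches KMSAN reports from unrelated subsystems. As an added example (not part of the advisory or of the kernel project), this shell function groups kernel log lines into KMSAN uninit-value reports and marks only those whose stack mentions cma_make_mc_event. The log lines and the names example_helper and other_subsystem_fn are constructed for illustration.

```shell
#!/bin/sh
# Added example: triage KMSAN reports in kernel log text read from stdin.
# Prints one line per "BUG: KMSAN: uninit-value" report:
#   "match <line-no>"  the report's stack mentions cma_make_mc_event
#   "other <line-no>"  a KMSAN report from some other code path
classify_kmsan_reports() {
    awk '
        function emit(  label) {
            if (in_report) {
                label = hit ? "match" : "other"
                print label, start
            }
            in_report = 0; hit = 0
        }
        /BUG: KMSAN: uninit-value/ { emit(); in_report = 1; start = NR }
        in_report && /cma_make_mc_event/ { hit = 1 }
        # A KMSAN report is closed by a separator line of "=" characters
        in_report && NR > start && /====================/ { emit() }
        END { emit() }
    '
}

# Number of reports that involve the RDMA CMA multicast event path.
count_cma_hits() {
    classify_kmsan_reports | awk '$1 == "match" { n++ } END { print n + 0 }'
}

# Constructed sample input (not captured from a real system).
sample_log() {
    cat <<'EOF'
[  101.000001] =====================================================
[  101.000002] BUG: KMSAN: uninit-value in example_helper+0x10/0x20
[  101.000003]  example_helper+0x10/0x20
[  101.000004]  cma_make_mc_event+0x100/0x200
[  101.000005] =====================================================
[  250.000001] =====================================================
[  250.000002] BUG: KMSAN: uninit-value in other_subsystem_fn+0x10/0x20
[  250.000003]  other_subsystem_fn+0x10/0x20
[  250.000004] =====================================================
[  300.000001] rdma_cm: unrelated informational line
EOF
}

sample_log | classify_kmsan_reports
```

On a live host, feed it `dmesg` or `journalctl -k` output instead of `sample_log`; KMSAN reports only appear on kernels built with KMSAN enabled.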
