CVE-2023-53576

5.5 MEDIUM

📋 TL;DR

A NULL pointer dereference vulnerability in the Linux kernel's null_blk driver allows local attackers to cause a kernel oops (crash) by setting queue_mode to 1 via configfs. This affects systems using the null_blk block device driver with configfs configuration. The vulnerability requires local access to the system.

💻 Affected Systems

Products:
  • Linux kernel null_blk driver
Versions: Linux kernel versions before the fix commits (specific versions vary by distribution)
Operating Systems: Linux distributions with vulnerable kernel versions
Default Config Vulnerable: ✅ No
Notes: Only vulnerable when null_blk module is loaded and configfs interface is accessible. Requires manual configuration via configfs to trigger.

📦 What is this software?

Linux Kernel by Linux

The Linux Kernel is the core component of the Linux operating system, serving as the critical interface between computer hardware and software processes. As the heart of millions of servers, cloud infrastructure, embedded systems, Android devices, and IoT deployments worldwide, the Linux Kernel mana...

⚠️ Risk & Real-World Impact

🔴 Worst Case: Kernel panic leading to system crash and denial of service, potentially causing data loss or service disruption.

🟠 Likely Case: Local denial of service through kernel oops when malicious user configures null_blk device with queue_mode=1.

🟢 If Mitigated: Minimal impact if null_blk module is not loaded or configfs access is restricted to privileged users only.

🌐 Internet-Facing: LOW - Requires local access to the system, not directly exploitable over network.
🏢 Internal Only: MEDIUM - Local users with configfs write access can crash the kernel, affecting system stability.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Reproduction steps are provided in the CVE description. Exploit requires local access and ability to write to configfs.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Fixed in kernel commits: 35e304dbcefa95237a3d6f94c007bfb10f012b17, 63f8793ee60513a09f110ea460a6ff2c33811cdb, 651260e563d9f50827dac496dc8a0b9b23d5db1a, e732a266b973cd4e115e2cc2ea5007119e8a7fbc, fd35b7bb6d5a329c427924886949ab51f210200a

Vendor Advisory: https://git.kernel.org/stable/c/35e304dbcefa95237a3d6f94c007bfb10f012b17

Restart Required: Yes

Instructions:

1. Update Linux kernel to version containing the fix commits.
2. Reboot system to load new kernel.
3. Verify null_blk module loads without issues.

🔧 Temporary Workarounds

Disable null_blk module

linux

Prevent loading of the vulnerable null_blk driver module

echo 'install null_blk /bin/false' >> /etc/modprobe.d/disable-null_blk.conf
rmmod null_blk

Restrict configfs access

linux

Limit configfs write access to privileged users only

chmod 755 /sys/kernel/config
chown root:root /sys/kernel/config/nullb

🧯 If You Can't Patch

  • Ensure only trusted, privileged users have access to configfs interface
  • Monitor system logs for null_blk related crashes or configuration attempts

🔍 How to Verify

Check if Vulnerable:

Check if null_blk module is loaded: lsmod | grep null_blk. If loaded and kernel version is before fix commits, system is vulnerable.

Check Version:

uname -r

Verify Fix Applied:

After patching, attempt to reproduce the exploit steps. System should not crash when setting queue_mode=1.

📡 Detection & Monitoring

Log Indicators:

  • Kernel oops messages mentioning null_blk or null_add_dev
  • System crashes following configfs write operations

Network Indicators:

  • None - local vulnerability only

SIEM Query:

source="kernel" AND ("null_blk" OR "null_add_dev") AND ("Oops" OR "panic")
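
The query above only matches when all of its terms land in a single event, while a kernel oops is logged as many separate lines. The Python below is an added example (not from the original advisory or the kernel project) that correlates the same terms across the trace; it assumes one log line per event and a 40-line trace window, and the sample log is constructed.

```python
import re

# Terms come from the page's SIEM query; WINDOW is an assumed trace length.
CRASH = re.compile(r"Oops|panic")
DRIVER = re.compile(r"null_blk|null_add_dev")
WINDOW = 40

def single_line_matches(lines):
    """Lines where both query terms appear together (the query applied per line)."""
    return [i for i, l in enumerate(lines) if CRASH.search(l) and DRIVER.search(l)]

def find_null_blk_crashes(lines, window=WINDOW):
    """Indexes of crash markers whose following trace names the driver."""
    hits, skip_until = [], -1
    for i, line in enumerate(lines):
        if i <= skip_until or not CRASH.search(line):
            continue
        trace = lines[i:i + window + 1]
        # "Modules linked in:" lists every loaded module, so it is not evidence
        # that null_blk was on the faulting path.
        if any(DRIVER.search(l) for l in trace if "Modules linked in:" not in l):
            hits.append(i)
            skip_until = i + window  # a later "Kernel panic" line is the same crash
    return hits

# Constructed sample, one log line per event; addresses and offsets are placeholders.
SAMPLE = """\
kernel: null_blk: module loaded
kernel: BUG: kernel NULL pointer dereference, address: 0000000000000000
kernel: Oops: 0000 [#1] PREEMPT SMP
kernel: Modules linked in: null_blk
kernel: Call Trace:
kernel:  null_add_dev+0x0/0x0 [null_blk]
kernel: Kernel panic - not syncing: Fatal exception
""".splitlines()

if __name__ == "__main__":
    print("per-line query hits:", single_line_matches(SAMPLE))
    print("correlated crash at lines:", find_null_blk_crashes(SAMPLE))
```

On the sample, the per-line form finds nothing while the correlated form reports one crash, and an oops from another driver is not attributed to null_blk just because the module was loaded.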
