CVE-2023-53377 - Vulnerability Details - OpenCVE

In the Linux kernel, the following vulnerability has been resolved:

cifs: prevent use-after-free by freeing the cfile later

In smb2_compound_op we have a possible use-after-free
which can cause hard to debug problems later on.

This was revealed during stress testing with KASAN enabled
kernel. Fixing it by moving the cfile free call to
a few lines below, after the usage.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

No EPSS score available.

Key SSVC decision points have not yet been added.

No data.

No data.

No data.

No data.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/33f736187d08f6bc822117629f263b97d3df4165
https://git.kernel.org/stable/c/4fe07d55a5461e66a55fbefb57f85ff0facea32b
https://git.kernel.org/stable/c/b6353518ef8180816e863aa23b06456f395404d6
https://git.kernel.org/stable/c/d017880782cf71f8820ee4a2002843893176501d

History

Thu, 18 Sep 2025 13:45:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: cifs: prevent use-after-free by freeing the cfile later In smb2_compound_op we have a possible use-after-free which can cause hard to debug problems later on. This was revealed during stress testing with KASAN enabled kernel. Fixing it by moving the cfile free call to a few lines below, after the usage.
Title		cifs: prevent use-after-free by freeing the cfile later
References		https://git.kernel.org/stable/c/33f736187d08f6bc822117629f263b97d3df4165 https://git.kernel.org/stable/c/4fe07d55a5461e66a55fbefb57f85ff0facea32b https://git.kernel.org/stable/c/b6353518ef8180816e863aa23b06456f395404d6 https://git.kernel.org/stable/c/d017880782cf71f8820ee4a2002843893176501d

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-09-18T13:33:23.162Z

Updated: 2025-09-18T13:33:23.162Z

Reserved: 2025-09-17T14:54:09.735Z

Link: CVE-2023-53377

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-09-18T14:15:40.590

Modified: 2025-09-18T14:15:40.590

Link: CVE-2023-53377

Redhat

No data.

OpenCVE Enrichment

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-53377", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2025-09-17T14:54:09.735Z", "datePublished": "2025-09-18T13:33:23.162Z", "dateUpdated": "2025-09-18T13:33:23.162Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-09-18T13:33:23.162Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: prevent use-after-free by freeing the cfile later\n\nIn smb2_compound_op we have a possible use-after-free\nwhich can cause hard to debug problems later on.\n\nThis was revealed during stress testing with KASAN enabled\nkernel. Fixing it by moving the cfile free call to\na few lines below, after the usage."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/smb/client/smb2inode.c"], "versions": [{"version": "76894f3e2f71177747b8b4763fb180e800279585", "lessThan": "4fe07d55a5461e66a55fbefb57f85ff0facea32b", "status": "affected", "versionType": "git"}, {"version": "76894f3e2f71177747b8b4763fb180e800279585", "lessThan": "b6353518ef8180816e863aa23b06456f395404d6", "status": "affected", "versionType": "git"}, {"version": "76894f3e2f71177747b8b4763fb180e800279585", "lessThan": "d017880782cf71f8820ee4a2002843893176501d", "status": "affected", "versionType": "git"}, {"version": "76894f3e2f71177747b8b4763fb180e800279585", "lessThan": "33f736187d08f6bc822117629f263b97d3df4165", "status": "affected", "versionType": "git"}, {"version": "2d046892a493d9760c35fdaefc3017f27f91b621", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["fs/smb/client/smb2inode.c"], "versions": [{"version": "6.1", "status": "affected"}, {"version": "0", "lessThan": "6.1", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.39", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.3.13", "lessThanOrEqual": "6.3.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.4.4", "lessThanOrEqual": "6.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.5", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.1", "versionEndExcluding": "6.1.39"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.1", "versionEndExcluding": "6.3.13"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.1", "versionEndExcluding": "6.4.4"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.1", "versionEndExcluding": "6.5"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "6.0.16"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/4fe07d55a5461e66a55fbefb57f85ff0facea32b"}, {"url": "https://git.kernel.org/stable/c/b6353518ef8180816e863aa23b06456f395404d6"}, {"url": "https://git.kernel.org/stable/c/d017880782cf71f8820ee4a2002843893176501d"}, {"url": "https://git.kernel.org/stable/c/33f736187d08f6bc822117629f263b97d3df4165"}], "title": "cifs: prevent use-after-free by freeing the cfile later", "x_generator": {"engine": "bippy-1.2.0"}}}}