CVE-2023-53488 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved:

IB/hfi1: Fix possible panic during hotplug remove

During hotplug remove it is possible that the update counters work
might be pending, and may run after memory has been freed.
Cancel the update counters work before freeing memory.

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00024.

Key SSVC decision points have not yet been added.

No data.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://git.kernel.org/stable/c/33c677d1e087e437c7dcaad8d73402cf6add282e
https://git.kernel.org/stable/c/4fdfaef71fced490835145631a795497646f4555
https://git.kernel.org/stable/c/5e72f33ddfdb69cb21c1b59d31bbd3498d31b14a
https://git.kernel.org/stable/c/918c1e6843b7e81d0e5cf7994f41f28dc34c98b0
https://git.kernel.org/stable/c/ac6640f4193d0f5b44269a7f08372909f9a18e5c
https://git.kernel.org/stable/c/bfd727ad8411995218f336ead9f2becfde7f3a89
https://git.kernel.org/stable/c/c2145b18740c7e697748e4005ce93a5c683c86a8
https://git.kernel.org/stable/c/d32a5e9b825d40c08a43dfbcba007159fed41a5d
https://lore.kernel.org/linux-cve-announce/2025100123-CVE-2023-53488-2533@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2023-53488
https://www.cve.org/CVERecord?id=CVE-2023-53488

History

Thu, 02 Oct 2025 00:15:00 +0000

Type	Values Removed	Values Added
References		https://lore.kernel.org/linux-cve-announce/2025100123-CVE-2023-53488-2533@gregkh/T https://nvd.nist.gov/vuln/detail/CVE-2023-53488 https://www.cve.org/CVERecord?id=CVE-2023-53488
Metrics	threat_severity `None`	cvssV3_1 `{'score': 7.0, 'vector': 'CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H'}` threat_severity `Important`

Wed, 01 Oct 2025 12:00:00 +0000

Type	Values Removed	Values Added
Description		In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix possible panic during hotplug remove During hotplug remove it is possible that the update counters work might be pending, and may run after memory has been freed. Cancel the update counters work before freeing memory.
Title		IB/hfi1: Fix possible panic during hotplug remove
References		https://git.kernel.org/stable/c/33c677d1e087e437c7dcaad8d73402cf6add282e https://git.kernel.org/stable/c/4fdfaef71fced490835145631a795497646f4555 https://git.kernel.org/stable/c/5e72f33ddfdb69cb21c1b59d31bbd3498d31b14a https://git.kernel.org/stable/c/918c1e6843b7e81d0e5cf7994f41f28dc34c98b0 https://git.kernel.org/stable/c/ac6640f4193d0f5b44269a7f08372909f9a18e5c https://git.kernel.org/stable/c/bfd727ad8411995218f336ead9f2becfde7f3a89 https://git.kernel.org/stable/c/c2145b18740c7e697748e4005ce93a5c683c86a8 https://git.kernel.org/stable/c/d32a5e9b825d40c08a43dfbcba007159fed41a5d

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2025-10-01T11:45:40.546Z

Updated: 2025-10-01T11:45:40.546Z

Reserved: 2025-10-01T11:39:39.402Z

Link: CVE-2023-53488

Vulnrichment

No data.

NVD

Status : Received

Published: 2025-10-01T12:15:51.797

Modified: 2025-10-01T12:15:51.797

Link: CVE-2023-53488

Redhat

Severity : Important

Publid Date: 2025-10-01T00:00:00Z

Links: CVE-2023-53488 - Bugzilla

OpenCVE Enrichment

No data.

Metrics

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object

JSON object