CVE-2023-53307

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-53307
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53307.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-53307
Downstream
Related
Published
2025-09-16T16:11:46.288Z
Modified
2026-03-09T23:51:03.204015Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
rbd: avoid use-after-free in do_rbd_add() when rbd_dev_create() fails
Details

In the Linux kernel, the following vulnerability has been resolved:

rbd: avoid use-after-free in dorbdadd() when rbddevcreate() fails

If getting an ID or setting up a work queue in rbddevcreate() fails, use-after-free on rbddev->rbdclient, rbddev->spec and rbddev->opts is triggered in dorbdadd(). The root cause is that the ownership of these structures is transfered to rbddev prematurely and they all end up getting freed when rbddevcreate() calls rbddevfree() prior to returning to dorbd_add().

Found by Linux Verification Center (linuxtesting.org) with SVACE, an incomplete patch submitted by Natalia Petrova n.petrova@fintech.ru.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53307.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1643dfa4c2c827d6e2aa419df8c17b0f24090278
Fixed
71da2a151ed1adb0aea4252b16d81b53012e7afd
Fixed
e3cbb4d60764295992c95344f2d779439e8b34ce
Fixed
9787b328c42c13c4f31e7d5042c4e877e9344068
Fixed
ae16346078b1189aee934afd872d9f3d0a682c33
Fixed
a73783e4e0c4d1507794da211eeca75498544dff
Fixed
faa7b683e436664fff5648426950718277831348
Fixed
cc8c0dd2984503ed09efa37bcafcef3d3da104e8
Fixed
f7c4d9b133c7a04ca619355574e96b6abf209fba

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53307.json"