CVE-2023-53536

Source
https://cve.org/CVERecord?id=CVE-2023-53536
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53536.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-53536
Downstream
Published
2025-10-04T15:16:47.304Z
Modified
2026-03-20T12:33:13.165407Z
Summary
blk-crypto: make blk_crypto_evict_key() more robust
Details

In the Linux kernel, the following vulnerability has been resolved:

blk-crypto: make blk_crypto_evict_key() more robust

If blk_crypto_evict_key() sees that the key is still in-use (due to a bug) or that ->keyslot_evict failed, it currently just returns while leaving the key linked into the keyslot management structures.

However, blk_crypto_evict_key() is only called in contexts such as inode eviction where failure is not an option. So actually the caller proceeds with freeing the blk_crypto_key regardless of the return value of blk_crypto_evict_key().

These two assumptions don't match, and the result is that there can be a use-after-free in blk_crypto_reprogram_all_keys() after one of these errors occurs. (Note, these errors shouldn't happen; we're just talking about what happens if they do anyway.)

Fix this by making blk_crypto_evict_key() unlink the key from the keyslot management structures even on failure.

Also improve some comments.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53536.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
1b2628397058ebce7277480960b29c788138de90
Fixed
701a8220762ff90615dc91d3543f789391b63298
Fixed
5bb4005fb667c6e2188fa87950f8d5faf2994410
Fixed
64ef787bb1588475163069c2e62fdd8f6c27b1f6
Fixed
809a5be62e92a444a3c3d7b9f438019d0b322f55
Fixed
5c62852942667c613de0458fc797c5b8c36112b5
Fixed
5c7cb94452901a93e90c2230632e2c12a681bc92

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53536.json"