CVE-2023-53794

Source
https://cve.org/CVERecord?id=CVE-2023-53794
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53794.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-53794
Published
2025-12-09T00:00:51.061Z
Modified
2026-03-12T03:28:44.252199Z
Summary
cifs: fix session state check in reconnect to avoid use-after-free issue
Details

In the Linux kernel, the following vulnerability has been resolved:

cifs: fix session state check in reconnect to avoid use-after-free issue

Don't collect exiting session in smb2_reconnect_server(), because it will be released soon.

Note that the exiting session will stay in server->smb_ses_list until it completes the cifs_free_ipc() and logoff() and then deletes itself from the list.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/53xxx/CVE-2023-53794.json",
    "cna_assigner": "Linux"
}
Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
4fcd1813e6404dd4420c7d12fb483f9320f0bf93
Fixed
7e4f5c3f01fb0e51ca438e43262d858daf9a0a76
Fixed
759ffc164d95a32c09528766d74d9b4fb054e8f4
Fixed
99f280700b4cc02d5f141b8d15f8e9fad0418f65
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
0 (unknown introduced commit; all previous commits are affected)
Last affected
655e0c067f0e02ece03fd0591dabe3db2ae27552
Last affected
875cc09c0767a4ac06b57af383709657f98b3ea1
Last affected
599fe1409085059ba12a2c3897c853be9fa9e7cf
Last affected
2e4378ee60049b752c9dce16f62ce6fbd11b379a
Last affected
59b520454b323ec43b2ae757217332cea33091e0
Last affected
e20c888e2b3576e5f498c167729d274ef60b86f8
Last affected
4ce7aa4e44d88ce64ea8ae2337b8910f3670b0ba
Last affected
419fad68e4c4135ff9859e9214dd6cf954413ca1

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53794.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
4.7.0
Fixed
6.1.47
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.4.12

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-53794.json"