CVE-2023-53023

🗓️ 27 Mar 2025 16:43:49Reported by LinuxType

cve🔗 web.nvd.nist.gov👁 84 Views🌐 WEB

Fixed use-after-free vulnerability in Linux kernel's nfc subsystem to prevent memory issues.

Reporter	Title	Published	Views	Family All 44
AstraLinux	Astra Linux - уязвимость в linux-5.10, linux	20 May 202605:53	–	astralinux
BDU FSTEC	The vulnerability of the localcleanup() function in the Linux operating system’s kernel allows a hacker to trigger a service failure.	4 Jun 202500:00	–	bdu_fstec
CNNVD	Linux kernel 资源管理错误漏洞	27 Mar 202500:00	–	cnnvd
Cvelist	CVE-2023-53023 net: nfc: Fix use-after-free in local_cleanup()	27 Mar 202516:43	–	cvelist
Debian CVE	CVE-2023-53023	27 Mar 202516:43	–	debiancve
EUVD	EUVD-2023-59697	3 Oct 202520:07	–	euvd
NVD	CVE-2023-53023	27 Mar 202517:15	–	nvd
OpenVAS	SUSE: Security Advisory (SUSE-SU-2025:01600-1)	22 May 202500:00	–	openvas
OpenVAS	SUSE: Security Advisory (SUSE-SU-2025:1195-1)	14 Apr 202500:00	–	openvas
OSV	BELL-CVE-2023-53023	28 Mar 202505:57	–	osv

NVD

Vulners

CNA

Node

linux linux_kernelRange3.9–4.14.305

linux linux_kernelRange4.15–4.19.272

linux linux_kernelRange4.20–5.4.231

linux linux_kernelRange5.5–5.10.166

linux linux_kernelRange5.11–5.15.91

linux linux_kernelRange5.16–6.1.9

linux linux_kernelMatch6.2rc1

linux linux_kernelMatch6.2rc2

linux linux_kernelMatch6.2rc3

linux linux_kernelMatch6.2rc4

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "net/nfc/llcp_core.c"
    ],
    "versions": [
      {
        "version": "3536da06db0baa675f32de608c0a4c0f5ef0e9ff",
        "lessThan": "b09ae26f08aaf2d85f96ea7f90ddd3387f62216f",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "3536da06db0baa675f32de608c0a4c0f5ef0e9ff",
        "lessThan": "54f7be61584b8ec4c6df405f479495b9397bae4a",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "3536da06db0baa675f32de608c0a4c0f5ef0e9ff",
        "lessThan": "a59cdbda3714e11aa3ab579132864c4c8c6d54f9",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "3536da06db0baa675f32de608c0a4c0f5ef0e9ff",
        "lessThan": "ad1baab3a5c03692d22ce446f38596a126377f6a",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "3536da06db0baa675f32de608c0a4c0f5ef0e9ff",
        "lessThan": "7f129927feaf7c10b1c38bbce630172e9a08c834",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "3536da06db0baa675f32de608c0a4c0f5ef0e9ff",
        "lessThan": "d3605282ec3502ec8847915eb2cf1f340493ff79",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "3536da06db0baa675f32de608c0a4c0f5ef0e9ff",
        "lessThan": "4bb4db7f3187c6e3de6b229ffc87cdb30a2d22b6",
        "status": "affected",
        "versionType": "git"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "net/nfc/llcp_core.c"
    ],
    "versions": [
      {
        "version": "3.9",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "3.9",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "4.14.305",
        "lessThanOrEqual": "4.14.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "4.19.272",
        "lessThanOrEqual": "4.19.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.4.231",
        "lessThanOrEqual": "5.4.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.10.166",
        "lessThanOrEqual": "5.10.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "5.15.91",
        "lessThanOrEqual": "5.15.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.1.9",
        "lessThanOrEqual": "6.1.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.2",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/54f7be61584b8ec4c6df405f479495b9397bae4a
git	www.git.kernel.org/stable/c/a59cdbda3714e11aa3ab579132864c4c8c6d54f9
git	www.git.kernel.org/stable/c/ad1baab3a5c03692d22ce446f38596a126377f6a
git	www.git.kernel.org/stable/c/b09ae26f08aaf2d85f96ea7f90ddd3387f62216f
git	www.git.kernel.org/stable/c/4bb4db7f3187c6e3de6b229ffc87cdb30a2d22b6
git	www.git.kernel.org/stable/c/d3605282ec3502ec8847915eb2cf1f340493ff79
git	www.git.kernel.org/stable/c/7f129927feaf7c10b1c38bbce630172e9a08c834

Parameter	Position	Path	Description	CWE
local_cleanup()	path	net/nfc/llcp_core.c	Use-after-free in local_cleanup() leading to double-free of skb when NFC device is detached; fixed by setting local->rx_pending to NULL in local_cleanup()	CWE-416
local->rx_pending	path	net/nfc/llcp_core.c	Use-after-free in local_cleanup() leading to double-free of skb when NFC device is detached; fixed by setting local->rx_pending to NULL in local_cleanup()	CWE-416
local->ref	path	net/nfc/llcp_core.c	Use-after-free in local_cleanup() leading to double-free of skb when NFC device is detached; fixed by setting local->rx_pending to NULL in local_cleanup()	CWE-416

11 May 2026 19:37Current

6.6Medium risk

Vulners AI Score6.6

CVSS 3.17.8

EPSS0.00019

SSVC

CWE-416