CVE-2023-54280

🗓️ 30 Dec 2025 12:23:22Reported by LinuxType

CIFS fix race when tree connecting IPC by protecting TCP_Server_Info hostname during IPC tree name build to prevent use after free in __tree_connect_dfs_target; update IPC tcon status on success and avoid extra tree connects.

Reporter	Title	Published	Views	Family All 294
AstraLinux	Astra Linux - уязвимость в linux-5.10	3 May 202623:59	–	astralinux
Circl	CVE-2023-54280	19 Mar 202600:00	–	circl
CNNVD	Linux kernel 安全漏洞	30 Dec 202500:00	–	cnnvd
Cvelist	CVE-2023-54280 cifs: fix potential race when tree connecting ipc	30 Dec 202512:23	–	cvelist
Debian CVE	CVE-2023-54280	30 Dec 202512:23	–	debiancve
EUVD	EUVD-2023-60524	30 Dec 202515:30	–	euvd
NVD	CVE-2023-54280	30 Dec 202513:16	–	nvd
OSV	BELL-CVE-2023-54280	1 Jan 202606:06	–	osv
OSV	CVE-2023-54280 cifs: fix potential race when tree connecting ipc	30 Dec 202512:23	–	osv
OSV	DEBIAN-CVE-2023-54280	30 Dec 202513:16	–	osv

Vulners

CNA

Node

linux linux_kernelRange5.15.81–5.16

linux linux_kernelRange5.16–6.2.15

linux linux_kernelRange6.3.0–6.3.2

linux linux_kernelRange6.4.0≥

[
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "unaffected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "fs/cifs/dfs.c"
    ],
    "versions": [
      {
        "version": "c88f7dcd6d6429197fc2fd87b54a894ffcd48e8e",
        "lessThan": "536ec71ba060a02fabe8e22cecb82fe7b3a8708b",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "c88f7dcd6d6429197fc2fd87b54a894ffcd48e8e",
        "lessThan": "553476df55a111e6a66ad9155256aec0ec1b7ad0",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "c88f7dcd6d6429197fc2fd87b54a894ffcd48e8e",
        "lessThan": "ee20d7c6100752eaf2409d783f4f1449c29ea33d",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "81d583baa5f1abd73c755ce1992929debd20b687",
        "status": "affected",
        "versionType": "git"
      },
      {
        "version": "5.15.81",
        "lessThan": "5.16",
        "status": "affected",
        "versionType": "semver"
      }
    ]
  },
  {
    "product": "Linux",
    "vendor": "Linux",
    "defaultStatus": "affected",
    "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
    "programFiles": [
      "fs/cifs/dfs.c"
    ],
    "versions": [
      {
        "version": "5.16",
        "status": "affected"
      },
      {
        "version": "0",
        "lessThan": "5.16",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.2.15",
        "lessThanOrEqual": "6.2.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.3.2",
        "lessThanOrEqual": "6.3.*",
        "status": "unaffected",
        "versionType": "semver"
      },
      {
        "version": "6.4",
        "lessThanOrEqual": "*",
        "status": "unaffected",
        "versionType": "original_commit_for_fix"
      }
    ]
  }
]

Source	Link
git	www.git.kernel.org/stable/c/ee20d7c6100752eaf2409d783f4f1449c29ea33d
git	www.git.kernel.org/stable/c/536ec71ba060a02fabe8e22cecb82fe7b3a8708b
git	www.git.kernel.org/stable/c/553476df55a111e6a66ad9155256aec0ec1b7ad0

23 May 2026 15:35Current

6.1Medium risk

Vulners AI Score6.1

EPSS0.00023