CVE-2023-53116

UNKNOWN 0.0

nvmet: avoid potential UAF in nvmet_req_complete()

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

In the Linux kernel, the following vulnerability has been resolved: nvmet: avoid potential UAF in nvmet_req_complete() An nvme target ->queue_response() operation implementation may free the request passed as argument. Such implementation potentially could result in a use after free of the request pointer when percpu_ref_put() is called in nvmet_req_complete(). Avoid such problem by using a local variable to save the sq pointer before calling __nvmet_req_complete(), thus avoiding dereferencing the req pointer after that function call.

Vendor	linux
Product	linux
Ecosystems	Linux Kernel
Industries	Technology
Published	May 2, 2025
Last Updated	May 11, 2026

Stay Ahead of the Next One

Get instant alerts for linux linux

Be the first to know when new unknown vulnerabilities affecting linux linux are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Linux / Linux

a07b4970f464f13640e28e16dad6cfa33647cc99 < e5d99b29012bbf0e86929403209723b2806500c1 a07b4970f464f13640e28e16dad6cfa33647cc99 < fafcb4b26393870c45462f9af6a48e581dbbcf7e a07b4970f464f13640e28e16dad6cfa33647cc99 < 04c394208831d5e0d5cfee46722eb0f033cd4083 a07b4970f464f13640e28e16dad6cfa33647cc99 < a6317235da8aa7cb97529ebc8121cc2a4c4c437a a07b4970f464f13640e28e16dad6cfa33647cc99 < f1d5888a5efe345b63c430b256e95acb0a475642 a07b4970f464f13640e28e16dad6cfa33647cc99 < bcd535f07c58342302a2cd2bdd8894fe0872c8a9 a07b4970f464f13640e28e16dad6cfa33647cc99 < 8ed9813871038b25a934b21ab76b5b7dbf44fc3a a07b4970f464f13640e28e16dad6cfa33647cc99 < 6173a77b7e9d3e202bdb9897b23f2a8afe7bf286

Linux / Linux

4.8

References

NVD ↗ CVE.org ↗ EPSS Data ↗